Chapter 1


Introduction 


“Purpose of the book, advantages and disadvantages of 
the Digital technology” 


& Philosophy 


“Thinking differently can be a solution to intractable 
problems with traditional methods” 


“From the account, do not count” 


1. Introduction and Philosophy 


Idea of the book 


When I was learning how to program a computer information system, I found it difficult
to find the necessary knowledge in building it, and I did not find the right book which is
in fact few or rare. I found books with hundreds of pages that do not help me in my
work in a practical and fast way. Here I had an idea to make a book that shows this.
That collects in it the appropriate methods, information, all the necessary and important
algorithms for building.


Thus, we do not need to read hundreds of pages that leave us without results. The 
details that the books come with are necessary, but the need here is to create a 
product efficiently and quickly. 


Almost the same thing happened to me when I was studying networking and
information security, and at a programming company that I worked for before, when I
have read their e-book I couldn't come up with any effective result. I have talked with
the director of the company about it and he has suggested that I write this idea into a
book. In fact, this problem is familiar for students and new graduates.


I developed the idea and I present it to you in this book.


1.1 Introduction 


I was keen to be able to share with others the experiences, visions, ideas, discoveries,
and other methods and information so that I could contribute to pushing the wheel of
science and technological development to the front.


After a while, I thought I would make my knowledge, thoughts, and solutions including
knowledge learned from other persons resonate more with the people, so I wrote this
book that is in your hands to be a reference. I practically thought of collecting
everything needed in one book and referring to it when needed. This book was
intended to be useful to give you all that you need to be an expert as if you were
asking a computer scientist or an IT expert and he would answer you, about some of
the concepts and skills most frequent in the mind and field. Things that immediately
enter you to the operating room and research. Thus reducing efforts of searching and
shortening distances to arrive in purpose.


This book is basically practical, but it is also theoretical and is not devoid of
philosophy. It is prepared with some of the research and precision. Here is a summary
of some of the efforts that have paid off in the field of information technology, computer
science and information security.


In principle, this book will be divided into two parts. This part, “The Conclusion in
Computer Systems”, makes you ready to deal very well with the other knowledge of
information security that is in the second part (if the continuation is possible).
Defensive and offensive information security will be described and dealt with there.
That's one of the essential reasons why I used Kali Linux here as the main system, to
make it easier for us if we continue with the second part, and because it deals
essentially with advanced penetration testing tools. It is a system prepared
specifically for testing security, and, as is known, it is a Debian-based Linux
distribution that is widely used.


The content of this book is a kind of collection, a copy, a Summary, and an authoring 
with the proof of the concept. The concepts that you find in this book are not always 
exactly defined and detailed. They are sometimes given in brief to understand just the 
point of what you need. 


The Digital invasion and its good and bad influence on human beings, how it 
shapes us and our relationship: Information technology has entered and spread almost 
everywhere and contributed to the development of other sciences improving and 
facilitating our daily life. 


Digital technology has entered and occupied our lives making our world a digital one. 
It doesn’t matter if you are young or old, if you love or hate it, you will be forced to use 
it for some necessity sometimes without even noticing, or you can get into it and be 
satisfied. In the midst of digital technological development, a generation of human 
beings called the digital generation was born. From this point, we find two types or 
groups of people in our society: digital natives and digital immigrants. Digital natives
are born after the advent of digital technology; they are obviously the younger generation.
This group is also referred to as the “iGeneration” or is described as having been born
with digital DNA. Digital immigrants, by contrast, are those born before about 1964,
before the advent of digital technology (the pre-computer world). They grew up without any
digital DNA. They have had to struggle to understand how the digital world works.


Hardly anyone can do without digital technology as a result of the positives it has
given. However, it also has negatives when misused, and this is on the individual and
family, social, health, governmental, and criminal levels, as explained in the
following paragraphs:


The level of the individual and the family: when discipline and time management are
absent from the priorities; you see, for example, a boy or a girl spending most of their
time with a phone and its smart applications such as conversation and electronic
shopping, ignoring the person in front of them, who has the first right to be listened to
and to share time with them.


They thus become indifferent to the advice of their parents. All of that imposes a
negative family distancing, and with that social behavior, family relations become
fragile and torn.


The social level: The negative aspects of this level build on the negatives that have
an impact on the individual and the family level.


The ease of passing and publishing false statements and articles, videos, fabricated 
profiles and rumors in general plays a great role in the corruption of society. 


Health level: After scientific health studies there is no doubt that failure to use the
technology correctly leads to a deterioration of health, for example, problems with
the eyes, the breath, the brain, and others.


Governmental level: All of our electronic information transits through governmental or
private communication channels, which makes it subject to the existing governments, or
to requests to legally register our information, which facilitates storing, filtering,
and monitoring it and using it when the time comes. This creates the possibility of
espionage, which should strictly not be permitted to exist but unfortunately occurs many
times, especially with strong, developed governments. It is about violations of the
private life of individuals and a great injustice that we often cannot foresee.


Criminal level: It is in itself sufficient to understand it as a very dangerous negative,
as it uses technology to spy on people and governments. Technology is also used for
thefts, fraud, extortion, and moral and physical assassination, etc.


The above-stated possible negatives, presented in a number of levels, show us the
damages of digital technology when it is misused. However, scientists, governments,
companies, engineers, developers, technicians, and others also participate in organizing
information and in protecting and defending privacy, copyrights, intellectual property,
and others.


I have noticed a lack of attention and that people are unaware of how to use
technology. As an opinion, let it be a technological education that will describe the
importance of digital technology, when and how to use it, and how to take advantage of it.
Rights and duties will be also described in order to avoid the possibility of causing
the harm which is described before.


The following diagram basically includes the resources (hardware and software) used in
this book project:


[Figure 2: Mapping the Book. Diagram labels: Out, IN, The Book, Resources, System
Administration]


1.2 Philosophy


This book is more beneficial for those who know the basics, or rather who have basic
skills in computer science, computer engineering, or IT. However, for whoever wants to
benefit and gain an understanding, with better mechanisms of understanding and without
getting bored, we present hereafter, under the "Top Down Up Methodology", evolutionary
stages for seeking knowledge. This is a proven and effective approach that takes you
directly to the goal you want to learn.


Top Down Up Methodology


[Figure 3: Top Down Up Methodology. A pyramid labelled "From Top To Down" and "Focus and
Jump", with four levels from top to bottom: Executive Step; Realization Step;
Definitions and concepts,.. (Basics); Study and deeply Step]


It is generally a descending method of understanding and learning, so we start from 
the top of the pyramid which has the produced object (the final complicated version), 
and going down step by step to explore the details, secrets, and mystery behind it. 


For example, a project has an open source web application. This project is our product
(produced object). To understand the idea, this example describes how to execute and
use the product as an ordinary user and then go down to more complex levels until all
the hidden details of the product are revealed to us.


To simplify the idea, always keep in mind the case of the above example in the
following:


A. From Up To Down 
1. Executive Step: 


It is the first step and a superficial confrontation with the target that is expected to be 
understood, as here we should identify and collect information on the target so that we 
know how, what, where, and when is being executed. After that, we execute it and 
make sure there are no errors (mistakes) or failures. 


2. Realization Step: 


It is an implicit step where we divide and analyze the project content and design the
model to understand the role of each concept, procedure, function, etc.


3. Definitions and Concepts,..(basics):


When we can't understand a part of our project, such as a reserved concept or a
condition, we try to understand it from its basics.


4. Study and deeply Step: 


At this step, we will go into a deep and theoretical study, for example, an algorithm, 
complicated concept, method, or approach. 


B. Focus and Jump 


Jump between our steps randomly based on the need for better understanding and 
expected and balanced perspective to gain time and save effort. 


By the way, this methodology is similar to the penetration testing or hacking method,
which is based on gathering information about the target until the target is exploited. At
first, hackers know nothing about the victim or the target. However, they then
undertake reconnaissance, begin penetration tests, and get an understanding of
how the system works until they exploit it.


It is also similar to the traditional way of learning for some nations. A person may
become a scientist in some sciences without holding a pen.


Naming Scientist


In fact, the real computer scientist (I don’t mean here the academic/business name) is
the one who masters all computer sciences (with s) theoretically and practically with
memorizing and understanding. Otherwise, he or she is just a specialist or researcher.
Taking separately the discipline of computer science or computer engineering to apply
the definition, i.e., for example, a computer engineer who verified the definition to be a
scientist in computer engineering.


Is what we have for now from an educational system the best? Does it make a
scientist? I don’t think that! Generally, it is just making what the market needs including
other kind of shaping, careless about the science. Accurately, the educational system
produces researchers/specialists, not scientists. The researcher/specialist relies on
books, unlike the scientist who relies on his mind. I conclude, it is assumed that calling
someone a scientist is such a great title that it is not fair to call it arbitrary.


Actually, the existing method of education (academic) is poor. It kills the spirit of
creativity. The assessment is not accurate, rather not fair, and its results do not
indicate the knowledge of the student.


Chapter 2


General Concepts 


“Memorization stabilizes the understanding of the 
science, if you are not able to memorize the entire 
science, then memorize its principles” 


2. General Concepts


2.1 Fields and Disciplines 


Science is a subtle systematic method for understanding and realizing facts by proof. 
It is divided into two parts, one theoretical and the other applied. Science generates 
knowledge. Technology is the science of applying knowledge. New science may be 
extracted or produced from original science. Engineering is a science that seeks 
intelligently to use and apply mathematics and other sciences to reality to solve 
problems. Technique is a way of implementing the application of knowledge. 


On the other hand and generally, science is against ignorance. It is what you know, 
everything you perceive as on its truth falls within the realm of science. When we root 
the facts and make for them bases, here, is the kernel of science. 


Is science constant or variable? 


Science contains both what is constant and what is variable. Certainly, there are eternal
constants, but other than that, we can say it is indubitable that there is no constancy
in this revolving world. What is constant today may change tomorrow; the inverse is also
true.


Saying Theoretically and Practically! 


If we say: Theoretically, something will be achieved, this does not mean that it is 
always achieved in practice, however here the theoretical principle remains valid. The 
reason is due to the intervention of a factor that makes the theory fail. 


Advice for acquiring knowledge


Ask the right person a clear question at the right time.


Technology


It is a two-syllable word of Greek origin: techno means craft, skill, or art, and the word
logy means science or study, so it is then the science of application. Technology is
defined as the application of science and engineering to the development of devices, 
machines, and procedures. It is used as means in several fields to reach the desired 
results for developing society. For example, the computer and Internet are the results 
of technology. 


IT and CIT


I can consider information technology (IT) a computer science (within computer
sciences) and not an art, albeit it is originally an art because it deals with the utilization
and creativity rather than the conception, demonstration, and creation of deep objects.
It is the application of the computer sciences by means that achieve the desired
results. Thus it answers practically the question: How do I use a computer and its
systems?

This utilization has developed and become complex and has concepts, basics, rules, 
methods, and follows organized steps that make it science by itself. 


The term information technology (IT) remains in use, although it has been replaced 
after adding to it “communications” (ICT: Information and Communications 
Technology). This is because we hardly see a device that is not connected. 


The terms digital technology and IT have become interchangeable, though there are 
differences. A professional use of computer and technological devices may be 
considered IT, whereas digital technology is the driving experience, a normal use. 


Computer engineering 


It is a branch of engineering concerned with the integration of the study of hardware 
and software for the purpose of designing, developing and building computers, their 
systems, programs and other technological devices. 


Computer science 


Computer science is simply the analytical study of computers and computing which is 
based on mathematics to understand the reason behind the software. 


Computer sciences 


By it, I mean all sciences and techniques that help us to understand the computer
system in terms of theory and application: Mathematics, Algorithms, Software engineering,
Database, Electricity, Electronics, and so on.


As a discipline, the study program may differ from one university or institute to another,
so one considers the study materials and the number of years of study to determine the
equivalence and tendencies of the field of study.


To make it easy, the following simple presentation represents the levels of studies: 


[Figure 4: Levels of studies. Computer Sciences contains three levels: Computer
Engineering (Engineer, Architect, Designer, ..); Computer science (Scientist,
researcher, ..); (ICT)/Technique (Analyst, Expert, .. / Technician, ..)]


We can consider the IT professional the pilot of computer systems, while the
computer engineer and scientist are the constructors of computer systems.


2.2 Information and Information System


System and Subsystem


A system is a group of interrelated elements that work together as a single unit to
achieve a specific objective, whereas a subsystem is at the same time a system itself
and a part of a system.


Examples of systems: computer system, phone system, enterprise system.


Information System (IS)


An information system can be defined technically as a set of interrelated components 
that collect (or retrieve), process, store, distribute and control data to help with decision 
making and control in the organization. 


A Computer IS is a computer program that verifies the concept of information system
through automatic handling (computerizing).


[Figure 5: The five components of IS: Personnel + Data + Hardware + Software + Network
(ICT)]


Thus, the above figure indicates that the current information system (usually using a
computer) is a set of five components.


DIKW Hierarchy 


The DIKW Hierarchy (Pyramid) represents the relationships between data,
information, knowledge and wisdom. This model is used widely within information 
science, information management, information systems and knowledge management 
literature. 


[Figure 6: DIKW Hierarchy and 4 major Information system types. Labels in the figure:
Wisdom (exp Political) Level; Wise system (exp Expert system); Strategic Level; Executive
support system (ESS); Tactical Level; Management information system (MIS);
Decision-support system (DSS); Operational Level; Transaction Processing System (TPS);
Knowledge; Data]


D = Raw

I = D + Processing (Who?, What?, When?, Where?, etc.)

K = I + Rules (How?)

W = K + Experience (or + Insight) (Why?, What is best?)

Take a look at the following examples to understand these concepts better:


Example 1

1268

But what does that mean?

Only digits -> datum

By adding a unit of measurement “kg” to this number -> Processing

1268 kg, weight of something, i.e. the digits become meaningful.

23 -> datum

Today’s Temperature is 23 -> datum (because we don’t know if it is in °C or °F)

Today’s Temperature is 23 °C -> information


Example 2

A student's marks (/100): 60, 65, 70, 50 -> Data 

The average of the marks: 60 /100 -> Information 
The student has passed the session -> Decision 
Exams preparation helps you succeed -> Knowledge 


Doing your best in preparation for the exams will help you to succeed with an excellent 
average of marks -> Wisdom 


As we saw before in "example 2", information can be considered as data, however it 
depends on the context. 


Data is the raw form of something, in an incomprehensible form. Information is
generated from data by processing, to be in a comprehensible form. Knowledge is
generated from a sufficient amount of information using convenient rules. Wisdom is
generated from knowledge using insight, allowing knowledge to be applied in
action.


Seen in terms of time, the model expresses that the data, information, and knowledge
levels represent the past, while the wisdom level represents the future.


Information science is a study that seeks to solve information problems, as it 
involves how information is collected, organized, represented, processed, distributed, 
and communicated. 


Conceptual Data Model 


The following Conceptual Data Model (CDM, part of MERISE method: MERISE is an 
acronym signifying Method of Studies and Realizations for Computer Systems for 
Companies, used for computerizing a manual system of an organization) represents in 
this example a “Books borrowing”. It demonstrates the relation between entities for 
building a very simple information system. 


Student: St_code, St_name, St_bd, St_field
Book:    Bk_code, Bk_title, Bk_author
Library: Lb_code, Lb_name, Lb_Address

Student (1,2) ---- (0,n) Book
Book    (1,2) ---- (1,n) Library


Figure 7: CDM of the problem


Explanation of the cardinality (min,max):

1, 2: one student can borrow at least one book and at most 2 books.

0, n: a book can be borrowed by no student (0) at least and by many students at most.

1, 2: the book is contained in the first library at least and at most in the second library.

1, n: the library contains at least one book and at most many books.


Practically, the CDM is the most important model for creating a database. Its creation
depends on your understanding of the problem. It may be better (optimal) in the
theoretical study, and it may be improved upon during programming or in the testing phase.


Database 


A database is an organized collection of data. It is composed of records in tables.
A database program, or DBMS, is the software we use to enter and manipulate data.


DBMS


A Database Management System (DBMS) is a computer system designed to manage
the data in a database or the database itself. It allows users to perform several
operations such as creating a database, storing, modifying and retrieving data. Examples
of DBMS software: MySQL, MariaDB, PostgreSQL, SQLite.


There are three main types of DBMS: 
> Relational database 
> Hierarchical database 
> Network database. 
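
The “Books borrowing” CDM of Figure 7 can be turned into a relational schema; the following is an added example, not taken from the book, using SQLite through Python. The association table names `Borrow` and `Holds`, the helper functions and all sample rows are assumptions made for the example; entity and attribute names come from the figure.

```python
import sqlite3

# Entity and attribute names come from Figure 7. The association table names
# (Borrow, Holds) and all sample rows are assumptions made for this example.
SCHEMA = """
CREATE TABLE Student (St_code INTEGER PRIMARY KEY, St_name TEXT NOT NULL,
                      St_bd TEXT, St_field TEXT);
CREATE TABLE Book    (Bk_code INTEGER PRIMARY KEY, Bk_title TEXT NOT NULL,
                      Bk_author TEXT);
CREATE TABLE Library (Lb_code INTEGER PRIMARY KEY, Lb_name TEXT NOT NULL,
                      Lb_Address TEXT);

-- Each CDM association becomes a table keyed by the two entity identifiers.
CREATE TABLE Borrow (
    St_code INTEGER NOT NULL REFERENCES Student(St_code),
    Bk_code INTEGER NOT NULL REFERENCES Book(Bk_code),
    PRIMARY KEY (St_code, Bk_code));
CREATE TABLE Holds (
    Bk_code INTEGER NOT NULL REFERENCES Book(Bk_code),
    Lb_code INTEGER NOT NULL REFERENCES Library(Lb_code),
    PRIMARY KEY (Bk_code, Lb_code));

-- Maximum of cardinality (1,2): a student borrows at most 2 books.
CREATE TRIGGER borrow_max_two BEFORE INSERT ON Borrow
WHEN (SELECT COUNT(*) FROM Borrow WHERE St_code = NEW.St_code) >= 2
BEGIN
    SELECT RAISE(ABORT, 'a student may borrow at most 2 books');
END;

-- Maximum of cardinality (1,2): a book is in at most 2 libraries.
CREATE TRIGGER holds_max_two BEFORE INSERT ON Holds
WHEN (SELECT COUNT(*) FROM Holds WHERE Bk_code = NEW.Bk_code) >= 2
BEGIN
    SELECT RAISE(ABORT, 'a book may be in at most 2 libraries');
END;
"""


def build_db() -> sqlite3.Connection:
    """Create an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")  # SQLite ignores REFERENCES otherwise
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO Student VALUES (?, ?, ?, ?)",
                     [(1, "Student A", "2000-01-01", "IT"),
                      (2, "Student B", "2001-02-02", "CS")])
    conn.executemany("INSERT INTO Book VALUES (?, ?, ?)",
                     [(10, "Book X", "Author X"), (11, "Book Y", "Author Y"),
                      (12, "Book Z", "Author Z")])
    conn.executemany("INSERT INTO Library VALUES (?, ?, ?)",
                     [(100, "Library 1", "Address 1"), (101, "Library 2", "Address 2"),
                      (102, "Library 3", "Address 3")])
    conn.commit()
    return conn


def _try_insert(conn, sql, params) -> bool:
    """Run one parameterized INSERT; False means a constraint rejected it."""
    try:
        with conn:  # commits on success, rolls back on error
            conn.execute(sql, params)
        return True
    except sqlite3.IntegrityError:
        return False


def borrow(conn, st_code: int, bk_code: int) -> bool:
    return _try_insert(conn, "INSERT INTO Borrow (St_code, Bk_code) VALUES (?, ?)",
                       (st_code, bk_code))


def place(conn, bk_code: int, lb_code: int) -> bool:
    return _try_insert(conn, "INSERT INTO Holds (Bk_code, Lb_code) VALUES (?, ?)",
                       (bk_code, lb_code))


def unmet_minimums(conn) -> dict:
    """A minimum of 1 cannot be checked on INSERT, so report who does not meet it yet."""
    queries = {
        "students_without_book": "SELECT St_code FROM Student WHERE St_code NOT IN "
                                 "(SELECT St_code FROM Borrow) ORDER BY St_code",
        "books_without_library": "SELECT Bk_code FROM Book WHERE Bk_code NOT IN "
                                 "(SELECT Bk_code FROM Holds) ORDER BY Bk_code",
        "libraries_without_book": "SELECT Lb_code FROM Library WHERE Lb_code NOT IN "
                                  "(SELECT Lb_code FROM Holds) ORDER BY Lb_code",
    }
    return {name: [row[0] for row in conn.execute(sql)] for name, sql in queries.items()}
```

The maximum cardinalities are enforced by the database itself, so application code cannot exceed them; the minimum cardinalities are only reported, because a new student or book necessarily exists before its first association row.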

PESTEL model 


Analyze the external environment using the PESTEL model. In short, this model helps 
us to estimate the probability of success for opening an enterprise. PESTEL stands for: 


> Political
> Economic
> Social
> Technological
> Ecological
> Legal


A simple example: if you want to open an extension of your enterprise in a foreign
country, you should begin by studying the external environment of your project
based on conception and analysis using the PESTEL model. It gives an overview from
which you can calculate the opportunity and threat of each environment. In the end, if the
sum of opportunities is bigger than the sum of threats, the result implies a
high probability and possibility of succeeding in the project; otherwise, it is risky to go
ahead with this project.


Threat and opportunity are spoken of here, as we mentioned, in simple terms;
sometimes you can turn a threat into an opportunity.


Secure the information 


In some cases, it is important to know that the information is not the server itself but
the data that the server stores, so we must secure the informational asset, to avoid
data theft and getting into legal problems, which are very expensive for
companies.


Information security (IS) is one of the sensitive areas in computer science (even if
there is a lot of information that won't be stored electronically, i.e. all are in scope), due
to its effect.


IS is defined as: protecting information and information systems from unauthorized
access, use, disclosure, disruption, modification, inspection, recording or destruction in
order to provide the three major basics of information security: confidentiality,
integrity, availability (the “CIA triad”); in addition, other basics such as authenticity
and non-repudiation can also be involved.


Information security should be considered as a basis and not an option. 


2.3 Artificial Intelligence and Turing Machine


Artificial Intelligence and Cognitive Science


Artificial intelligence (AI) means the intelligence shown by the machine, as scientists
and experts aspire to make the machine think like a human being. So they develop
robust and efficient methods to achieve results that humans consider judicious. The
current level of AI is very low compared to human performance.


The heart of AI is the database or knowledge base that is essential for learning the
logic system.


The Major Branches of Artificial Intelligence:
> Expert Systems
> Fuzzy Logic
> Natural Language Processing
> Neural Network
> Machine Learning
> Robotics

The seven patterns of AI:
> Hyperpersonalization
> Autonomous systems
> Predictive analytics and decision support
> Conversational/human interactions
> Patterns and anomalies
> Recognition systems
> Goal-driven systems


Expert system


It is a computer system that simulates the judgment and behavior of a human expert in 
his field. It consists of an inference engine (reasoning methods) and the knowledge 
base (facts and rules). 


Turing machine 


The Turing machine is the first indication of contemporary computers. It was described
by the mathematician Alan Turing in 1936, when he published his paper, which provides
a simple formal model of mechanical computation (now known as Turing machines), on
a single universal machine capable of decoding symbols and executing instructions.
After about ten years, he developed the idea into schematics for electronic computers
that could run programs.


A Turing machine is a mathematical model of computation, that defines a hypothetical 
(abstract) machine (not a real machine) that manipulates symbols on a strip of a tape 
(an infinite length tape divided into cells on which the input is given) according to a 
table of rules. In spite of the model's simplicity, the machine can simulate any computer 
algorithm. 
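
The model described above (a tape of cells, a head, and a table of rules) fits in a few lines of code. This is an added example, not from the book: the simulator, the rule-table layout `(state, symbol) -> (write, move, next state)` and the sample machine that adds 1 to a binary number are all constructed for illustration.

```python
BLANK = "_"  # symbol read from any cell that has never been written


def run_turing_machine(rules, tape_input, start, halt_states, max_steps=10_000):
    """Run a one-tape machine and return (tape contents, final state, steps).

    rules maps (state, symbol) -> (symbol to write, move, next state),
    where move is "L", "R" or "N" (stay).
    """
    tape = {i: s for i, s in enumerate(tape_input)}  # sparse dict = unbounded tape
    head, state, steps = 0, start, 0
    while state not in halt_states:
        if steps >= max_steps:
            # A real Turing machine may run forever; a simulator needs a guard.
            raise RuntimeError("step limit reached; the machine may not halt")
        symbol = tape.get(head, BLANK)
        try:
            write, move, next_state = rules[(state, symbol)]
        except KeyError:
            raise ValueError(f"no rule for state {state!r} reading {symbol!r}") from None
        tape[head] = write
        head += {"L": -1, "R": 1, "N": 0}[move]
        state = next_state
        steps += 1
    if not tape:
        return "", state, steps
    cells = [tape.get(i, BLANK) for i in range(min(tape), max(tape) + 1)]
    return "".join(cells).strip(BLANK), state, steps


# Constructed sample machine: binary increment.
# Phase 1 walks right to the end of the number, phase 2 propagates the carry left.
INCREMENT_RULES = {
    ("seek_end", "0"): ("0", "R", "seek_end"),
    ("seek_end", "1"): ("1", "R", "seek_end"),
    ("seek_end", BLANK): (BLANK, "L", "carry"),
    ("carry", "1"): ("0", "L", "carry"),   # 1 + carry = 0, carry continues
    ("carry", "0"): ("1", "N", "done"),    # 0 + carry = 1, finished
    ("carry", BLANK): ("1", "N", "done"),  # ran off the left edge: new leading 1
}


def increment(bits: str) -> str:
    """Add 1 to a binary numeral by running the sample machine."""
    tape, _state, _steps = run_turing_machine(INCREMENT_RULES, bits, "seek_end", {"done"})
    return tape


if __name__ == "__main__":
    for sample in ("1011", "111", "0"):
        print(sample, "+ 1 =", increment(sample))
```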


2.4 Computer architecture 


Computer architecture is the study of the inherent general structure of 
components and their relationship to each other in a computer system. 


Computer performance in executing programs is measured by the following inverse
relationship:


performance = 1 / runtime


A decrease in runtime leads to a corresponding increase in performance. 


Von Neumann architecture


Today's computers work according to this design. It is the first modern computer
architecture, designed by the mathematician von Neumann in 1945, with the
idea that the programs (instructions) and data are stored in the same memory and
managed by the same information-handling subsystem.


[Figure 8: Von Neumann Architecture. Labels in the figure: CPU, Control Unit (CU),
Arithmetic/Logic Unit (ALU), Registers, AC, Code section, Data section, Input Device,
Output Device]


It consists of a Control Unit (CU), an Arithmetic and Logic Unit (ALU), Registers, a
Memory Unit and Inputs/Outputs. For transferring data from one component to another,
the von Neumann architecture comprises three major bus (means of connection) systems:
Address Bus, Data Bus, and Control Bus.


A von Neumann-based computer executes programs using a fetch-decode-execute cycle.


Informatics is the automatic processing of information. The automatic processing is 
done by the computer. 


Moore’s Law (Gordon E. Moore, engineer and co-founder of Intel) is the empirical
observation made in 1965 that “The number of transistors incorporated in a chip
(integrated circuit) will approximately double every 24 months.”


Moore's original statement can be found in his publication “Cramming more
components onto integrated circuits”.


The number of transistors in CPU: Core i7-8086K = 3 billion, Intel 8086 = 29,000, Core 
i9-7980xe = 7 billion (estimated). 


Nanoscale 


Nanotechnology is the study of extremely small particles that are measured in
nanometers.


1 meter (m) = 100 centimeters
1 centimeter (cm) = 10 millimeters
1 millimeter (mm) = 1000 micrometers (a micrometer is also called a micron)
1 micron (µm) = 1000 nanometers
1 nanometer (nm) = 1e-6 mm = $1 \times 10^{-6}$ mm = 0.000001 mm


Number systems


Computer architecture supports the following number systems:
> Binary number system
> Octal number system
> Decimal number system
> Hexadecimal (hex, h) number system


Number system   Base (Radix)   Used digits                            Example
Binary          2              0,1                                    $(10110000)_2$
Octal           8              0,1,2,3,4,5,6,7                        $(220)_8$
Decimal         10             0,1,2,3,4,5,6,7,8,9                    $(345)_{10}$
Hexadecimal     16             0,1,2,3,4,5,6,7,8,9,                   $(FF)_{16}$
                               A(=10),B(=11),C(=12),
                               D(=13),E(=14),F(=15)


Whatever the numerical base used, it follows the following mathematical equation:

$$\sum_{i=0}^{n} b_i a^i = b_n a^n + \dots + b_3 a^3 + b_2 a^2 + b_1 a^1 + b_0 a^0$$

Where: $b_i$ is the digit of rank $i$

And: $a^i$ is the base value raised to the power of the rank $i$

Example of base 10:

$(5348)_{10} = (5 \times 10^3) + (3 \times 10^2) + (4 \times 10^1) + (8 \times 10^0) = 5348$


Truth table


Decimal   Binary
0         0000
1         0001
2         0010
3         0011
4         0100
5         0101
6         0110
7         0111
8         1000
9         1001
10        1010
11        1011
12        1100
13        1101
14        1110
15        1111


Units of information 


The basic unit is 1 bit (a single binary digit, which takes 0 or 1). The other units are
as follows:


> Nibble = 4 bits
> Byte = 8 bits
> Word = 16 bits
> Double Word = 32 bits
> Quad Word = 64 bits


Converting numbers


From binary to decimal:

$(1001)_2 = (1 \times 2^3) + (0 \times 2^2) + (0 \times 2^1) + (1 \times 2^0) = (9)_{10}$

From octal to decimal:

$(653)_8 = (6 \times 8^2) + (5 \times 8^1) + (3 \times 8^0) = (427)_{10}$

From hexadecimal to decimal:

$(3BF)_{16} = (3 \times 16^2) + (B \times 16^1) + (F \times 16^0) = (3 \times 16^2) + (11 \times 16^1) + (15 \times 16^0) = (959)_{10}$

From decimal to binary:

$(19)_{10} = (?)_2$

19 / 2 = 9; remainder = 1 (LSB, Least Significant Bit)
9 / 2 = 4; remainder = 1
4 / 2 = 2; remainder = 0
2 / 2 = 1; remainder = 0; the final quotient 1 is the MSB (Most Significant Bit)

Reading from the MSB back to the LSB:

=> $(19)_{10} = (10011)_2$


The same method shown above under “From decimal to binary” is used for converting
from the decimal number system to octal and hexadecimal.


From hexadecimal to binary:

$(FA65)_{16} = (?)_2$

Look up each hexadecimal digit to obtain the equivalent group of four binary digits.

F = 1111, A = 1010, 6 = 0110, 5 = 0101

=> $(FA65)_{16} = (1111101001100101)_2$

From binary to hexadecimal:

$(110111)_2 = (?)_{16}$

Group binary digits into sets of four, starting with the least significant digits.

11 = 3, 0111 = 7

=> $(110111)_2 = (37)_{16}$

To convert between octal and binary, use the same method indicated above between
hexadecimal and binary, but with groups of three binary digits.

$(265)_8 = (10110101)_2$; 2 = 10, 6 = 110, 5 = 101

$(11100101)_2 = (345)_8$; 3 = 11, 4 = 100, 5 = 101
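
The three procedures of this section (the positional sum, repeated division, and digit grouping) are written out below as an added example that is not part of the book; all function names are assumptions. Each function follows the method in the text instead of calling Python's built-in conversions, and rejects digits that do not belong to the stated base.

```python
DIGITS = "0123456789ABCDEF"


def to_decimal(digits: str, base: int) -> int:
    """Positional sum: value = sum of b_i * base**i, rank 0 being the rightmost digit."""
    if not 2 <= base <= 16:
        raise ValueError("base must be between 2 and 16")
    if not digits:
        raise ValueError("empty numeral")
    total = 0
    for rank, ch in enumerate(reversed(digits.upper())):
        b = DIGITS.find(ch)
        if b < 0 or b >= base:
            raise ValueError(f"digit {ch!r} is not valid in base {base}")
        total += b * base ** rank
    return total


def from_decimal(value: int, base: int) -> str:
    """Repeated division: the first remainder is the LSB, the last one the MSB."""
    if not 2 <= base <= 16:
        raise ValueError("base must be between 2 and 16")
    if value < 0:
        raise ValueError("only non-negative integers are handled")
    if value == 0:
        return "0"
    remainders = []
    while value > 0:
        value, r = divmod(value, base)
        remainders.append(DIGITS[r])      # collected LSB first
    return "".join(reversed(remainders))  # written MSB first


def expand_to_binary(digits: str, group: int) -> str:
    """Hex (group=4) or octal (group=3) to binary: one fixed-width group per digit."""
    base = 1 << group
    bits = "".join(
        from_decimal(to_decimal(ch, base), 2).zfill(group) for ch in digits
    )
    return bits.lstrip("0") or "0"


def group_from_binary(bits: str, group: int) -> str:
    """Binary to hex (group=4) or octal (group=3): group from the least significant end."""
    if not bits or set(bits) - {"0", "1"}:
        raise ValueError("input must be a non-empty string of 0 and 1")
    width = -(-len(bits) // group) * group  # round the length up to a full group
    padded = bits.zfill(width)              # padding on the left keeps the value
    out = "".join(
        DIGITS[to_decimal(padded[i:i + group], 2)] for i in range(0, width, group)
    )
    return out.lstrip("0") or "0"


if __name__ == "__main__":
    # The worked examples from the text above.
    print(to_decimal("1001", 2), to_decimal("653", 8), to_decimal("3BF", 16))
    print(from_decimal(19, 2))
    print(expand_to_binary("FA65", 4), group_from_binary("110111", 4))
    print(expand_to_binary("265", 3), group_from_binary("11100101", 3))
```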


Because it is hard for human beings to use the binary system, the most commonly
used number systems in computers are decimal and hexadecimal. Decimal is the
number system known to people from their daily lives, while hexadecimal
provides a more human-friendly representation and expresses binary numbers
much more easily than the other number systems.


BCD code 


BCD stands for Binary Coded Decimal. It is a 4-bit binary encoding system that writes
each of the digits from zero to nine separately (0 = 0000 to 9 = 1001).


ASCII code 


ASCII stands for American Standard Code for Information Interchange. It's a 7-bit
character code, therefore it has 128 (2^7) characters. The "extended" ASCII table (like
the one from ISO 8859-1) is encoded on 8 bits, to give 256 (2^8) characters. It is an
encoding representing each typed character by a number using one byte, for instance:
symbol A is 65, and – (En dash) is 150.


Unicode is an encoding for languages such as Arabic, Greek, Mandarin, etc.,
typically 2 bytes per character.

UTF-8 code 


UTF-8 stands for 8-Bit Universal Character Set (UCS) Transformation Format. It is an
8-bit character encoding for Unicode, and it is ASCII-compatible. It is the most widely
used encoding on the internet.


2.5 Computers, Binary and Quantum

Brief history of computers 


A computer is a product of the accumulated knowledge of the human mind for 
thousands of years. The machine facilitating arithmetic operations has been known 
since antiquity, for example, the arithmetic machine (calculator) appeared in 2400 B.C. 
The Antikythera Mechanism is the first analog to mechanical computer that appeared 
more than 2000 years ago, used to predict the positions of the moon, the sun and the 
planets. The first programmable analog of the computer was invented by Al-Jazari in 
1206 which is a castle clock, a hydropowered (water powered) mechanical 
astronomical clock. 


But the idea of the computer can be traced back to inventor Charles Babbage and
mathematician Ada Lovelace. Babbage conceived an Analytical Engine (analytic steam
engine) in 1834, a general-purpose programmable computing engine. Although it was
never fully completed, the machine was the first that deserved to be called a
computer. Ada invented programs: in 1843, in her notes for a translation of a French
article about the Analytical Engine, she wrote how the machine could be used to
follow a program to calculate Bernoulli numbers. For this, she was called the first
computer programmer.


The father of algorithms and computer science, the scientist and mathematician and
founder of algebra, Abu Jaafar Muhammad ibn Musa al-Khwarizmi (who lived between the
8th and 9th centuries), was the first to define the algorithm. Without algorithms, the
modern computer would not exist.


Certainly, many scientists, inventors and others contributed to building and developing 
the computer, they were not mentioned here, and perhaps their role was greater. We 
will mention some of the contributors also below in context. 


Today’s computers are electronic machines that treat information in binary, based
on the bit, which represents 0 or 1. At the deepest level, a bit is the smallest hardware
element. State 0 of the bit means there is no electricity (electric current is not
present), while 1 means there is (electric current is present). The states are produced by
a transistor which works as a switch: when it is open it means 1, otherwise it means 0.


Consequently, the transistor can store the bit, and the number of transistors on the chip
affects the performance of a device such as a processor or memory: the processor is
faster and performs increasingly complicated instructions using the same amount of power,
and the capacity of memory increases.


IBM has reached a technology of 2 nm (nanometer) transistor which allows it to pack 
50 billion transistors onto a chip the size of a fingernail. The current industry standard 
is chips with 7 nm transistors. 


The performance is radically different 


A quantum computer can theoretically handle complex mathematical operations in
seconds, where the classical computer (binary computer) would need many years.


As Richard Feynman (physicist) said, in a paper published in 1982 (received May 7, 
1981), “Simulating Physics with Computers”: “Nature isn't classical, dammit, and if you 
want to make a simulation of nature, you'd better make it quantum mechanical, and by 
golly it's a wonderful problem, because it doesn't look so easy.”. And he postulated that 
to simulate quantum systems you will need to build quantum computers. 


Quantum algorithms are under discovery and investigation. In 1994, mathematician
Peter Shor discovered an algorithm that runs in polynomial time and could quickly
process large integers to find their prime factors (integer factorization) on a quantum
computer. This "Shor's algorithm" solves the complexity of factoring and can be used to
crack public-key cryptography schemes, like the widely used RSA scheme. Another
example of a quantum algorithm is Grover's algorithm (quantum search algorithm), for
solving unstructured search problems, which was invented by the computer scientist
Lov Grover in 1996.


Classical algorithms will work correctly in a quantum computer. A quantum algorithm is 
an algorithm related to a problem that is quantum in nature. 


Prediction and the new principle 


Scientists have predicted that in 2021 we will reach the point where we will not be able
to shrink the transistor further, because the transistor will be the size of an atom.
The diameter of an atom (an atom is one of the basic units of matter)
ranges from about 0.1 to 0.5 nanometer.


In fact, at least a few years ago, researchers from the Universities of New South
Wales, Purdue and Melbourne had technically ended Moore's Law by creating the
smallest transistor using monatomic phosphorous, which
has a diameter of 0.1 nanometers.


In turn, the performance of processors will reach its limit. This made research institutes 
in quantum physics, big companies specialized in the manufacture of computing 
hardware, like IBM, and others find another way or principle, completely different from 
the classical computer principle to keep increasing the performance of the computer, 
thus the solution is the quantum computer. 


The first quantum bit, with 8 qubits (or Qbits), appeared in Austria in 2005. A quantum
computer relies on a probability unit called a Qbit, which holds the value of 0 or 1, or 0
and 1 at the same time; this is known physically as superposition.


In the world of quantum mechanics and in the small world of the atom, particles can 
behave like waves as they can exist in the form of a particle or a wave, or a particle 
and a wave together and as a result of this superposition, a Qbit can take the states as 
were mentioned above. 


Thus, more information can be stored in the same space in which one piece of
information is stored in ordinary computers. This means that one Qbit can form two
equations (probabilities) at the same time, two Qbits can form four equations, and
so on. Therefore, growth is exponential and follows the mathematical equation:
f(n) = 2^n.


1 Qbit   2 Qbit   3 Qbit   ... n Qbit = 2^n
0        00       000
1        01       001
         10       010
         11       011
                  100
                  101
                  110
                  111


Whereas the bit as known can store only one value (0 or 1), so with 1 bit we can form 
only one equation, with 2 bit we can also form 1 equation and so on. Which is 
represented by: f (n) = 1. 


In addition to the concept of quantum superposition, Qbits are based on the principle of 
quantum entanglement. It is a telepathic relationship between Qbits that makes them 
affect each other at a speed that exceeds the speed of light (299,792.458 km per
second ~ 300000 km/s).


Figure 9: Entanglement between 2 Qbits (labels: "Information transmission" between qbit1 and qbit2; "Observation here" at one Qbit, "affected here" at the other)


By essential form, the photons (a photon is quantum of electromagnetic radiation, it is 
massless, has no electric charge, and is a basic unit of light) allow entanglement. 
Entanglement becomes basically the connection between units. 


Because of the superposition and entanglement, the growth and acceleration of Qbits 
occurs exponentially until they reach huge numbers that exceed our human 
imagination, which will easily allow only one computer out of 1,000 Qbits (or much 
less) to reach a supernatural performance that exceeds the performance of all Earth 
computers combined since the invention of the computer until today. 


Here lies its usefulness and danger. On the one hand, it may help us in development,
for example, it can detect and prevent intrusions very quickly. On the other hand, we
may use it, for example, to crack the strongest types of encryption that exist
today, such as the RSA asymmetric algorithm, which is based on the idea that it is
impossible to quickly factor numbers into their prime factors (unless it is broken or
hacked). Example: with the RSA-2048 number, which has 617 decimal digits (2048 bits),
factoring is definitely not possible in a reasonable time: we would need thousands of
years to find its prime factors using the most powerful classical computer, while the
quantum computer will factor it in seconds.


The concept of quantum computing is still in its infancy. Scientists and experts are still 
experimenting and exploring the possibilities. These computers are in the process of 
being created, and what we have are very primitive quantum computers. If we get the 
desired results, it will be a scientific revolution that may completely change our lives. 
IBM has already introduced a quantum computer with a memory of 50 Qbits, which is 
available online now. 
It is worth mentioning here that, in the midst of development and the transition from a
normal computer to a quantum computer, there will be real dangers to come.
Therefore, we have to anticipate them, prepare for them and prevent them before they happen.


2.6 Boolean Algebra and Digital Circuits 


In mathematics, Boolean algebra is a branch of algebra which deals with
statements and their Boolean values, true and false, usually denoted 1 and 0
respectively.


In logic gates, we consider 1 to be true and 0 to be false. AND, OR, and NOT are the 
basic boolean operations. The logic gate symbols are as follows: 


Figure 10: AND logic gate (inputs A and B, output X; logic equation: X = A·B = NOT(NOT A + NOT B))


Truth table:

A B X = A·B
0 0 0
0 1 0
1 0 0
1 1 1


Truth table using Booleans:

A     B     X = A and B
false false false
false true  false
true  false false
true  true  true


NAND


Figure 11: NAND logic gate (logic equation: X = NOT(A·B))


A B X = NOT(A·B)
0 0 1
0 1 1
1 0 1
1 1 0


OR


Figure 12: OR logic gate


A B X = A+B
0 0 0
0 1 1
1 0 1
1 1 1


NOR


Figure 13: NOR logic gate (logic equation: X = NOT(A+B) = NOT A · NOT B)


A B X = NOT(A+B)
0 0 1
0 1 0
1 0 0
1 1 0


XOR (Exclusive-OR)


Figure 14: XOR logic gate (logic equation: X = (A+B)·(NOT A + NOT B))


A B X = A⊕B
0 0 0
0 1 1
1 0 1
1 1 0


XNOR (Exclusive-NOR)


Figure 15: XNOR logic gate (logic equation: X = (A·B) + (NOT A · NOT B))


A B X = NOT(A⊕B)
0 0 1
0 1 0
1 0 0
1 1 1

Buffer


Figure 16: Buffer logic gate


A X = A
0 0
1 1


Inverter (Not)


Figure 17: Inverter logic gate (logic equation: X = NOT A)


A X = NOT A
0 1
1 0


Mapping a logic equation to logic gates: 


X = (A·B) + (C+D) ?


Figure 18: Logic gates of a specific equation

Absorption laws

OR Absorption Law:

A + (A.B) = (A.1) + (A.B) = A.(1 + B) = A (or: A ∨ (A ∧ B) = A)

AND Absorption Law:

A.(A + B) = (A + 0).(A + B) = A + (0.B) = A (or: A ∧ (A ∨ B) = A)

A digital circuit can be in one of two states 0 or 1: 

> 0-1 volts for logic 0 

> 2-5 volts for logic 1 


A gate is a simple electronic device that can be used to compute various combinations 
of logic states. 


A transistor (carved from: transmit through a resistor) is an electronic component, a 
type of semiconductor. It can be thought of as a simple switch either closed or open. 


As a result, transistors are wired in patterns that build logic gates. The gates make up
circuits, and circuits make up electronic systems.


Noise immunity is the extent of the ability of electronic circuits to withstand noise 
without a malfunction or error in their work. 


The following diagrams of gates demonstrate their building from transistors: 


Inverter (NOT) gate: 


Figure 19: Inverter gate by transistor (labels: Vcc, Vout, Collector, Vin, Base)


NAND gate: 


Figure 20: NAND gate by transistors 


NOR gate:


Figure 21: NOR gate by transistors (label: Vout)


Thus, with a little electronic equipment, a special chip (like SN74LS32) or transistors,
you can practice these and make logic gates, such as the following application:


Figure 22: Practical scheme of AND, OR gates (components: power, LED, wire, transistor, switch, resistor)


All logic circuits can be made just from NAND or NOR gates. An AND or OR gate requires
three transistors to build, whereas a NAND or a NOR gate can be built from just two
transistors.


Above, we talked about electronic circuits, which differ from electrical circuits in that
they can make decisions. Most electronic devices are small and deal with small
voltages and currents. They work mostly on Direct Current "DC" (the other kind is
Alternating Current "AC"), with a DC voltage of 3-12 V.


Ohm’s Law 

It is a law in electricity, expressed mathematically with the following relationship:

V = I x R

V = voltage (unit: volt "V")

I = current (unit: ampere "A")

R = resistance (unit: ohm "Ω")


2.7 Hardware and Software


A computer consists of physical components and devices, which are referred to as the
computer’s hardware. The computer runs programs, which are referred to as
software.


In fact, the computer is divided into two parts: hardware (concrete and visible) and
software (virtual or intangible and invisible). Neither of them can do without the other
or work without it. Hardware development predates the development of software.


A computer system is a structured set of hardware and software components that,
on the one hand, makes it a computer (without operating system) and, on the other hand,
automates a process, activity or task.


Raspberry Pi is a low cost, mini size computer that helps you for example to make a 
robot. For example, Raspberry Pi 4, Model B Quad Core 64 Bit, RAM 8GB, with WiFi, 
and Bluetooth: 


Figure 23: Raspberry Pi 4 


Microcontroller 


A microcontroller is a physical programmable integrated circuit board. It contains all 
components (CPU, memory, various interface controllers, timers, I/O pins,..) which 
allow it to operate stand-alone and it has been designed in particular for monitoring 
and/or controlling tasks. 


Examples of a microcontroller: Arduino (open-source), which comes with a piece of
software, an IDE (Integrated Development Environment), that helps you to write and
upload a computer program to the physical board. Another similar microcontroller is
Leonardo, as in the following figure for “R3 Leonardo R3 ATmega32U4 Development
Board”:


Figure 24: Leonardo R3


Figure 25: Microcontroller Nano


Both Raspberry Pi and a microcontroller can be used as embedded systems to perform a
specific task.


Computer’s hardware components 

The computer system consists of the following major components:

> CPU (Central processing unit): the processor.

> RAM (Random-Access Memory): the main memory.

> Secondary storage devices: a disk drive or a hard disk is the most common
type of secondary storage device for data storage used in computers. A disk
drive stores data by magnetically encoding it onto a circular disk.


> Input devices: is the component which sends information to a computer. 
Common input devices are a keyboard, a mouse, a scanner, a microphone, and 
a digital camera. 


> Output devices: is the component which receives information from a computer. 
Common output devices are video displays, computer speaker and printers. 


Disk drives, optical drives (using CD/DVD) and USB flash drives belong to both input
devices (data reading) and output devices (data writing).


> CMOS (Complementary Metal Oxide Semiconductor): is a special memory chip, 
it stores the changes of your BIOS configuration, i.e. the settings are not stored 
on the BIOS chip itself, but in CMOS chip. In the motherboard, CMOS can be 
found as a separated chip, or as on most modern motherboards, it is integrated 
with the RTC (Real-Time Clock) on the southbridge. 
> BIOS chip stores the core system code that allows all of the devices to
communicate. Today’s version of the BIOS chip (Flash ROM) can be
reprogrammed (flashing) by special software to update the BIOS.


> CMOS battery: powers the BIOS firmware in your computer. Removing and
replacing the CMOS battery (if it dies), or putting it back after 1-5 min (for clearing
CMOS) while your computer is turned off, can reset BIOS settings to their defaults,
such as the time and date; also, if there is a BIOS password (the password
asked for on computer startup), it will be deleted.


> Chipset: is a set of electronic components on an integrated circuit known as 
"Data Flow Management System" that manages the transfer of data between 
the CPU, RAM, and I/O devices. 


All of these components are connected to the motherboard. 


The motherboard (mainboard, system board) is a big green electronic board that 
contains CPU, RAM, BIOS chips, I/O ports, and it connects all other computer 
hardware components. It maintains the electrical pathways that enable all other 
components to communicate with each other. 


Peripheral 


A peripheral (auxiliary device) is a hardware input device or output device that gives a 
computer additional functionality, which are not essential for the computer to perform 
its basic tasks. 


Software is typically classified into two major types of programs: 


> System software is generally the programs related to control and manage 
basic operations of computer resources and simplify applications programming. 
It includes categories such as operating systems (like Windows, Linux), utility 
programs (like antivirus), software development tools (like assemblers, 
compilers, and interpreters), networking tools, database management systems. 


> Application software (application or app for short) is programs designed to 
meet needs of end users. It renders the computer useful for everyday tasks. For 
example: Adobe acrobat, Microsoft word and excel, Web browser, Email client, 
Game programs. 

Desktop and web-based software


Desktop software is a type of application software that is installed locally i.e. in your 
personal computer using its resources such as storage and can be run independently 
from other applications or internet connections. 


While web application software runs on a web server and is accessed via a web 
browser using an internet connection. This type of software is programmed with the 
concept of client-server. 


Firmware and driver 


Firmware is a small piece of software that is stored on the hardware device itself 
which makes hardware work as its manufacturer intended it to. Firmware can be 
changed or deleted using special software. 


The driver, in contrast, is a software component that lets the operating system and a
device communicate with each other. A device driver is a kind of identifier of the device
to the operating system. Drivers are installed inside the operating system and they are
run by the operating system.


In software engineering, a software (product) life cycle is the entire path of that
product from its preliminary study to its final abandonment (to be deprecated).


Software is a collection of programs, all of which are linked together to perform part of
the task or the entire task. So the software can be part of the whole process that
accomplishes the task (here the software acts as a subsystem) or independent software
(acts as a system).


Therefore, building specific software to a client's requirements is a project,
that is, a problem that a computer engineer needs to computerize. This
problem is solved by studying and implementing. It is divided into
subproblems so that it is easy to solve and to control.


The project should have related documentation to software for operating, developing, 
and maintaining. 


User interface 
There are four major types of user interface: 


> Command Line Interface (CLI): Is much faster than other UI types but difficult to
use. Example: Linux terminal and Windows command prompt commands.


> Menu-driven Interface (MI): Example: ATM (Automated Teller Machine).


> Graphical User Interface (GUI): The most familiar to people. One can encounter 
it while using the mouse to point and click. It is easy to use but slower compared 
to CLI. 


> Touchscreen Graphical User Interface (TGUI): Is commonly found on tablets, 
smartphones, and medical devices. 

Chapter 3


Computer Operating System 


“Understand concepts and mechanisms” 


3. Computer Operating System 


3.1 Operating System concepts 


The operating system (OS) is an intelligent system and the most important system of the
computer. It is a piece of software, or a set of programs, that makes it possible to use
and manage the computer resources (processor, memory, hard drive, clock, peripherals,
inter-process and inter-machine communication) and provides a base layer for
developing and executing programs.


Location of OS in the computer 


Figure 26: OS location in the computer (labels from top to bottom: Applications; publisher, compiler, command interpreter (shell); Operating system; Machine language; Microprogramming; Hardware. Side labels: Applications, System, Hardware)


OS architecture 


There are multiple types of OS kernel architecture. We will mention most of them as 
follows: 


> Monolithic OS architecture
> Layered OS architecture
> Virtual memory OS architecture
> Client/server OS architecture
> Microkernel OS architecture
> Hybridkernel OS architecture
> Nanokernel OS architecture
> Exokernel OS architecture


Types of OS


> Batch OS
> Singletasking and multitasking/Time Sharing OS
> Singleuser and multiuser
> Multiprocessing OS
> Real Time OS
> Distributed OS
> Network OS
> Clustering OS
> Mobile OS
> Embedded
> Templated
> Library


To simplify the complete OS structure, by indicating the whole role of a modern OS
used today, we divide the OS into three layers: kernel, environment, and applications &
human interface.


> Kernel is a program that is considered to be a bridge (which must be passed through)
between applications and a hardware system (where data is handled at the
hardware level), controlling the whole system. It is a component of an OS
(Windows, Linux) that is loaded into memory at startup and that becomes
resident. Examples of features of the Linux kernel are true multitasking, virtual
memory, shared libraries, demand loading, shared copy-on-write executables,
proper memory management, and multistack networking including IPv4 and
IPv6.


> Environment is the interface between the kernel and applications & human 
interface such as system calls (API), libraries and shell. 


> Applications & Human Interface 


Human Interface (desktop environment) is the perceptual medium that can be 
leveraged to facilitate the use, explore and execute the functionalities of the 
operating system and interact with hardware features. For example, Linux has 
several interfaces: Gnome, KDE,.., while Windows provides only a single 
embedded interface. 


Figure 27: Simple OS structure (layers from top to bottom: Applications & Human Interface, Environment, Kernel)


Desktop OS Market Share 


Desktop OS market share worldwide according to StatCounter 
(https://gs.statcounter.com/os-market-share/desktop/worldwide) for August 2021: 


> Windows 76.13%
> OS X (MacOS) 16.15%
> Linux 2.4%
> Chrome OS 1.7%
> FreeBSD 0%
> Unknown 3.62%


3.2 Process 


A process is a dynamic entity corresponding to the execution of a task by the system
(tasks are, for example, user programs and input/output; a program is simply a sequence
of instructions). The process is the dynamic activity that transforms input data into
output data.


Processes can have one program but have different states. When we execute a
program using a shell, the process creator is called the parent and the created
processes are called child processes; this creation forms a tree of processes.


Figure 28: Process hierarchy


Process management in Windows is different from that in Linux. Taking the
above diagram, one difference is that when you kill or terminate (taskkill) P1 in Windows
(where the child P2 contains information about its parent P1, and the child P4 contains
information only about its parent P2 and not P1), the rest keep running their jobs.
In Linux, by contrast, they will all be terminated (but Linux can also be made to work the
same way as Windows).


Process sections in memory 


The process is divided into 4 sections (segments) in memory, which compose the process
workspace: stack, heap, text and data.


Figure 29: Process sections in memory (labels, from address max at the top to 0 at the bottom: Stack, Data, Text)


Process states 


The following diagram shows the process states and their movement through
memory (secondary -> main -> secondary). As indicated, we distinguish 7 states:
new, ready, running, waiting, terminated, suspended ready, suspended blocked.


Figure 30: Process states


Process states in Unix 


Process execution in Unix is done under two modes: the kernel
mode (corresponding to calls of kernel code: write, read, ..) and the user
mode (corresponding to other instructions). There are 9 states of the process: creation,
ready in memory, running in kernel mode, running in user mode, preempted, blocked
in memory, blocked in disk, ready in disk, zombie. The following diagram illustrates
the different states of the process in Unix.


Process control block (PCB) is a data structure that contains all the information
associated with each process. The PCB holds information depending on the OS:
Process state, Process ID, CPU registers and Program counter (PC), Memory
management information, etc. These attributes are also known as the context of the
process.


3.3 Threads


Threads: A thread is a basic unit of the process. It is a flow of execution within the
process. Threads are reduced processes inside a process; they have no address
space of their own. Threads are also called lightweight or featherweight processes.


A process can contain multiple threads in the modern concept. The classic
concept of the process, which contains an address space and only a single thread,
causes a problem of duplication of processes and wastage of memory space. For
example, in client/server systems, the server executes the system call fork (which
creates a new process, the «child process», by duplicating the calling process) to
handle each of its clients. Using the modern concept of the process, we can achieve
the same result without any wastage, creating only one thread for a new client and
keeping the same address, code and data space. So the idea is to associate several
threads with an address space and with a process.


The threads are very well adapted to parallelism. 


Figure 32: Difference between process concepts (classic concept of process: a process with a single thread; modern concept of process: a process with several threads)


Thread attributes (elements) are Thread ID, Program counter, Stack, Registers, status.
The attributes of a process are shared by all threads of that process.


Types of Threads

> User Level Threads: are implemented by users, who manage the threads.


> Kernel Level Threads: are handled by OS which manages threads acting on 
kernel. 


3.4 Memory 


Memory: The main memory (RAM: Random Access Memory) is a hardware entity that
provides the location for programs and data while the processor is executing them.
RAM is empty when there is no electricity; otherwise, it has to be loaded before work can
start, and its contents have to be saved when the working session is terminated.


Managing memory is one of the functions of the OS, and it is almost impossible without
the help of hardware. In some systems, for example multi-user systems, the memory is
protected basically by two registers (base, limit), so that the user is denied
access to the system kernel or other user programs in any way.


To allocate or create a new space for a process to work, there are three main 
strategies: first fit, best fit, worst fit. Releasing memory means making the space free 
when the process is terminated or evacuated from the memory. The block is then 
marked as free and it is possibly merged with adjacent blocks. The following examples 
illustrate the release, where the allocated block A will be the free block F. 


Before: 
A B V 
After: 
F B V 
Before: 
F A D 
After: 
F D 
Before: 
F A F 
After:


Figure 33: Memory release 
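
The three placement strategies and the release-and-merge step described above can be compared on one memory layout. This is an added example, not code from the book: the block layout, the sizes and the process names are constructed, and the function names are hypothetical.

```python
def sample_memory():
    """Constructed layout: [start, length, owner]; owner None marks a free block."""
    return [
        [0, 100, None], [100, 50, "P1"],
        [150, 500, None], [650, 50, "P2"],
        [700, 200, None], [900, 50, "P3"],
        [950, 300, None], [1250, 50, "P4"],
        [1300, 600, None],
    ]


def allocate(blocks, owner, size, strategy):
    """Carve `size` units out of a free block chosen by the given strategy.

    Returns the start address, or None when no free block is large enough.
    """
    holes = [i for i, b in enumerate(blocks) if b[2] is None and b[1] >= size]
    if not holes:
        return None
    if strategy == "first":             # first free block that is big enough
        i = holes[0]
    elif strategy == "best":            # smallest free block that is big enough
        i = min(holes, key=lambda k: blocks[k][1])
    elif strategy == "worst":           # largest free block
        i = max(holes, key=lambda k: blocks[k][1])
    else:
        raise ValueError(strategy)
    start, length, _ = blocks[i]
    blocks[i] = [start, size, owner]
    if length > size:                   # the remainder stays free
        blocks.insert(i + 1, [start + size, length - size, None])
    return start


def release(blocks, owner):
    """Mark the owner's blocks free, then merge adjacent free blocks."""
    merged = []
    for start, length, who in blocks:
        if who == owner:
            who = None
        if merged and who is None and merged[-1][2] is None:
            merged[-1][1] += length     # grow the free block on the left
        else:
            merged.append([start, length, who])
    blocks[:] = merged


def largest_hole(blocks):
    """Size of the biggest free block, a simple fragmentation indicator."""
    return max((b[1] for b in blocks if b[2] is None), default=0)


if __name__ == "__main__":
    for strategy in ("first", "best", "worst"):
        memory = sample_memory()
        start = allocate(memory, "A", 212, strategy)
        print(f"{strategy:5} fit: A placed at {start}, "
              f"largest free block left = {largest_hole(memory)}")
    memory = sample_memory()
    release(memory, "P2")               # the "F A F" case: three blocks become one
    print("after releasing P2:", memory)
```

With this layout, best fit leaves the 600-unit block intact while worst fit splits it, which is the trade-off between the strategies; releasing P2 turns the free-allocated-free sequence into a single free block of 750 units.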


To help manage memory and get more memory space, there is a mechanism
called Virtual Memory that allows information in physical memory (RAM) to be
swapped out to a hard drive if necessary. Virtual memory is composed of both physical
memory and hard drive space (a swap or page file on the hard drive).


3.5 File System 


File System: A file is an object that contains information (a set of related bits, bytes,
lines or records; the bit is the basic and smallest unit of information and contains 0 or 1),
created by a user or a file creator. It resides outside the address space of
processes but provides an interface allowing data to be read into and written from this
address space, because files are one of the two kinds of objects that an OS acts on,
handles and exchanges information with, the other kind being
processes.


Files are located and recorded physically on storage devices such as a hard disk and
an optical disk. Temporary files may be stored in memory (RAM).


In general, the file space and its internal organization are called the filesystem (fs),
which provides a strict model of persistent files and is able to manage the hardware
support independently. Its services include creation, deletion, opening, closing,
reading, writing, positioning.


Most often, files are organized in a tree structure. 
Types of Windows and Linux file system 
> Windows uses FAT(16/32) and NTFS. 


> Linux uses a multiple filesystem: ext2, ext3, ext4, ..etc 

Common file name extensions in Windows and Linux


Extensions in Windows inform the system which application created the file or can
open it, and which icon (a graphical representation of a program) to use for the file.
The file format is: file.extension. For example, in the Microsoft Word document
“my-document.docx”, the first part of the file name is “my-document” and “docx”
is the extension; they are separated by a dot “.”.


Unlike Windows, Linux cares less about file extensions than about verifying the 
content and figuring out the file type from it. It doesn't use them to determine how to 
run an executable file, but it does use them to determine which program to use to open 
a data file. Here it is important to know the difference between Linux and its 
desktop environment, such as Gnome, in how each treats extensions: they are 
important for Gnome but not for Linux. Gnome has a mechanism that relies on 
file extensions to determine which application to call to open the file. 


Thus, Linux has no equivalent of Windows executable files. Executables are indicated 
by file permissions and not by an extension such as “.exe” extension in Windows. 


The file command determines the file type; it is a more accurate indicator of file 
contents than the extension. 
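

The content-over-extension point above, as an added example that is not part of the book: a small Python sniffer that identifies a file from its leading "magic" bytes, which is the principle the file command works on, and flags names whose extension disagrees with the content. The signature table is a small subset chosen for illustration, and the sample files are constructed.

```python
import os
import tempfile

# Leading "magic" bytes for a few of the formats listed in this section.
# Illustrative subset only, not the database the file command uses.
SIGNATURES = [
    (b"MZ", "pe"),                  # Windows executable (exe, dll, sys)
    (b"\x7fELF", "elf"),            # Linux executable or shared object
    (b"%PDF-", "pdf"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"PK\x03\x04", "zip"),         # also docx/xlsx/pptx/jar containers
    (b"\x1f\x8b", "gzip"),
    (b"#!", "script"),              # shebang line of a shell/python/perl script
]

# Extensions that are consistent with each detected type ('' = no extension).
EXPECTED_EXT = {
    "pe": {"exe", "dll", "sys", "cpl"},
    "elf": {"", "elf", "bin", "run", "so", "o", "ko"},
    "pdf": {"pdf"},
    "png": {"png"},
    "jpeg": {"jpg", "jpeg"},
    "gif": {"gif"},
    "zip": {"zip", "docx", "docm", "xlsx", "xlsm", "pptx", "jar"},
    "gzip": {"gz", "tgz"},
    "script": {"", "sh", "bash", "py", "pl"},
}


def sniff(path):
    """Return the type implied by the first bytes of the file, or 'unknown'."""
    with open(path, "rb") as fh:
        head = fh.read(16)
    for magic, kind in SIGNATURES:
        if head.startswith(magic):
            return kind
    return "unknown"


def extension(path):
    """Return the lower-cased last extension without the dot ('' if none)."""
    return os.path.splitext(path)[1].lstrip(".").lower()


def check(path):
    """Return (detected_type, extension, verdict) for one file."""
    kind, ext = sniff(path), extension(path)
    if kind == "unknown":
        return kind, ext, "unknown content"
    verdict = "ok" if ext in EXPECTED_EXT[kind] else "MISMATCH"
    return kind, ext, verdict


def demo():
    """Write constructed sample files to a temp directory and check each one."""
    samples = {
        "report.pdf": b"%PDF-1.7\n",
        "invoice.pdf": b"MZ\x90\x00\x03\x00",       # PE header behind a .pdf name
        "photo.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF",
        "backup": b"\x7fELF\x02\x01\x01",           # no extension, still an ELF
        "notes.docx": b"PK\x03\x04\x14\x00",
        "holiday.png": b"#!/bin/sh\necho hi\n",     # script behind a .png name
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(data)
            results[name] = check(path)
    return results


if __name__ == "__main__":
    for name, (kind, ext, verdict) in demo().items():
        print(f"{name:12} content={kind:7} ext={ext or '-':5} {verdict}")
```

A MISMATCH on a mail attachment or download is worth a closer look: the name promises a document or image while the content is something the system can execute.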


> Windows 
Text : txt (Unformatted text file), rtf (Rich Text Format file), md (MARKDOWN). 


Executable : exe (Executable program file), cmd (Windows Command File or 
script file), com (Command File), bat (batch file), ps1 (Powershell script file), 
gadget (Windows Gadget), jar (Java architecture file). 


System : sys (Microsoft DOS and Windows system settings and variables file), 
inf (Setup Information file), ini (Windows initialization configuration file), bak 
(Backup file), tmp (Temporary data file), bin (Binary compressed file), dat 
(generic data file), cab (Windows cabinet file), cfg (Configuration file), cpl 
(Windows control panel file), dll (Dynamic link library), lib (Static library). 


Microsoft office : doc, docx (Word), docm (Word macro-enabled); xls, xlsx 
(Excel), xlsm (Excel macro-enabled); xlm, xla (Excel add-in or macro file); ppt, 
pptx (PowerPoint); mdb, accdb(Access); pub (Microsoft Publisher file). 
Image : jpg, jpeg (Joint Photographic Experts Group photo file); png (Portable 
Network Graphics file); bmp (Bitmap file); gif (Graphical Interchange Format 
file); tif, tiff (Tagged Image Format file); psd (Adobe Photoshop file). 


Video : mp4 (MPEG 4 video), mpeg (Moving Picture Experts Group movie file), 
mpg (MPEG 1 system stream), avi (Multimedia Audio/Video), vob (Video object 
file). 


Audio : mp3 (MPEG layer 3 audio file), m4a (MPEG-4 audio file). 


Others : pdf (Portable Document Format file); csv (Comma-separated values 
file); rar (Roshal Archive compressed file), zip (Compressed file); xps (XML-based 
document); htm, html (Hypertext markup language page); css (a 
cascading style sheet); aspx (ASP.NET Active Server page); vbs (Visual Basic 
script); js (JavaScript code); json (JavaScript Object Notation, a lightweight 
data-interchange format primarily used for transmitting data between a web 
application and a server); iso (ISO-9660 disc image); pst (Outlook data store); 
msi (Microsoft installer file). 


> Linux 


Linux is able to understand or run almost all of the extensions that we have 
described for Windows. With the tool “wine32/64”, we can run multiple Windows 
programs such as .exe files. 


Arbitrary executable : elf (Executable and Linkable Format), bin (Binary or bin 
file in Ubuntu refers to installation packages), run (typically used for Linux 
program installers). 


Package : deb (Debian Package), rpm (rpm package; rpm refers also to 
package manager software). 


Compressed files : tar (archive created with the tar utility), tar.gz (tarball file 
format created also with the tar utility), gz (compressed using the gzip utility), bz2 
(compressed with the bzip2 compression utility), zip (the popular ZIP compression 
format). 


Computer Language : sh (shell script), bash, c (C source file), cpp (C++ source 
file), h (C or C++ program language header file), py (Python source or script file), 
pl (Perl source or script file), java (Java source code), php (PHP script), xml 
(XML (Extended Markup Language) format). 


System : ko (Driver and kernel module); lock (lock file that prevents the use of 
another file); log (system or program’s log file); so, o (Shared Object that can be 
loaded at runtime (similar to DLL)); a (Static library); diff (often used for 
difference data files. Sometimes these are called patch files and use the .patch file 
extension. Such a file contains instructions to apply a patch and shows the 
differences between two different files, such as from a base version to another 
version of a single file or a project (e.g., the Linux kernel)); rc (run command 
configuration data); src (source code file); conf, cfg (configuration file); d 
(directory containing scripts or configuration files). 


Others : tex (text formatted in the TeX or LaTeX formatting language); wav, au 
(audio file); xcf (The native GIMP (GNU Image Manipulation Program) image 
format. Everything is saved: layers, selections, channels, paths and more); img 
(image, i.e., exact copy of a file). 


3.6 How OS is starting up 


When you turn on the computer by pressing the power button, the bootstrap process 
starts. The first program to run is stored in ROM; this code tests the hardware 
to confirm that everything is working properly. POST (Power-On Self Test, one of 
the multiple tasks of the BIOS) checks the CPU (Central Processing Unit), memory, and 
BIOS (basic input/output system) for errors and stores the result in a special memory 
location. When the POST has completed successfully, the BIOS (software, or 
firmware, stored in ROM, whose most important role is loading the OS) runs a 
small program called the bootstrap loader of the OS, located on a disk drive (hard 
drive, CD/DVD or USB stick), whose only task is to load the OS into memory and 
allow it to begin operation. 


Figure 34: OS start-up (turn-on, testing, storing POST result, activating the bootstrap 
loader, loading/executing/saving, turn-off) 


3.7 Virtual environment 


Virtualization is a smart solution to use and exploit computer components as much 
as possible by creating a virtual version or an abstraction of an object, including system 
(core idea, pc/server, desktop), infrastructure (network, storage) and software (high-level 
language, application). 


With this technology, a single real device is used to create several 
abstract, virtual devices with almost equal efficiency. 


A virtual machine (VM) is the virtualization of a computer system. It is simply 
software that acts as a computer within a real computer. 


Server Virtualization Software 
> vSphere 
> Hyper-V 
> VMware ESXi 
> Oracle VM VirtualBox 
> VMware Workstation Pro 


Docker is an open-source project tool that simplifies and accelerates your workflow. It 
uses OS-level virtualization to allow developers to deploy their applications in 
containers that run on the host OS. Thus Docker allows users to package software with 
all of its dependencies into a standardized unit. Containers can run in isolation from 
each other and from the running host, and they can communicate with each other through 
well-defined channels. 


Compared to virtual machines, containers are lightweight, do not have high 
overhead and hence enable more efficient usage of the underlying system and 
resources. 


Python environment 


Here, a virtual environment is a self-contained directory tree that contains a Python 
installation for a particular version of Python, plus a number of additional packages. 


Chapter 4 


System Administration 


“Exploit the resources and become a system 
administrator” 


4. System Administration 


To simplify our documentation, explanations are placed after a semicolon “;”, 
whether they follow a normal line or a command line (which is recognized by its 
different font). 


We are not going to demonstrate how to install the operating systems that are used 
hereafter. 


4.1 Windows 


Insight into Microsoft Windows 


In 1975, childhood friends Bill Gates and Paul Allen founded the company Microsoft 
(originally called Micro-Soft, for microprocessors and software) to develop computer 
software. After Paul left the company in 1983, Bill continued to lead Microsoft until his 
resignation in 2020. 


In 1981, Microsoft released the first operating system with CLI (Command Line 
Interface) mode, MS-DOS (Microsoft PC-DOS 1.0), which was primarily developed by 
Microsoft and licensed to IBM to operate on the first IBM personal computer (PC). In 
1985, Microsoft released a new operating system, Windows (Windows 1.0), with a 
GUI (Graphical User Interface). 


Windows relied on MS-DOS (the DOS+Windows lineage) up to Windows Me, unlike 
the Windows NT (Windows New Technology) lineage (e.g., Windows NT 6.1, “Windows 7”), 
which is not layered on top of DOS. 


MS-DOS 


MS-DOS (Microsoft Disk Operating System) is an operating system that uses CLI 
mode to operate tasks. It is a Singleuser-Singletasking OS, which means a single user 
can perform only one task at a time. In case you want to experience DOS, you can 
simply run FreeDOS, which is an open source DOS-compatible operating system. 


Windows 


Windows is a closed source operating system (OS), which means that you cannot see 
the source code or modify it. It’s easy to use, intelligent and secure. It works a bit 
slowly, and one of the reasons for that is that it uses a simple file system structure 
compared to Linux. It is a commercial (paid) system, so you have to pay to get a copy. 
It is the largest target system for hackers in the world because it’s successful and 
universal; that’s one big reason why a bunch of flaws and vulnerabilities are always 
being discovered in it. 


It was a Singleuser-Multitasking OS type. This means that a single user is allowed to 
perform more than one task at a time. This design changed later: Windows 95 was the 
first version with some Multiuser features, and Windows NT Server 3.5 was truly 
the first serious Multiuser operating system. But compared to the Multiuser 
functionality of Unix/Linux, there is a big difference, and Linux outperforms Windows. 


Windows uses GUI mode, and has only one model of desktop Interface. 


To control and command Windows well and professionally you should go to the 
command line (CMD Prompt or PowerShell), where you can administrate tasks 
perfectly. 


Windows Administration — The most important commands 


In the following, we demonstrate CLI mode and focus on the CMD prompt. 
Windows Command Prompt “cmd.exe” is a GUI version of "command.com" in MS-DOS, 
with differences. However, we will indicate how to reach different Windows 
applications that handle several tasks in GUI mode. We will mainly use the Windows 10 
Professional version. 


Some command lines work only in administrator mode. 


4.1.1 Basic Operations 
Get command line (CMD Prompt) 


Press Start/Win (Windows button) + R (letter r). 


Figure 35: Run dialog box 


In the Run dialog (small window) that pops up, type cmd and hit Enter, or: 
To get an administrator command line, type the following command: 


powershell start-process cmd -verb runas 


Figure 36: Window of CMD as Administrator 


For Windows powershell, type: 

powershell start-process powershell -verb runas 

Get help 

help ; Display help for several commands. 
command_name /? ; Display help for a command. 

Start a program or command in a separate window: 
start ; Create a new window of command prompt. 
start calc ; Starts the Calculator application. 


dir ; Displays a list of a directory's files and subdirectories. 
dir 

mkdir newfolder ; Create a new folder. 

cd ; Display the name of or change the current directory. 
cd newfolder ; Change/navigate to a directory/folder. 

cd ; Print the current directory. 

cd .. ; Change/navigate back to the parent directory/folder. 

cd / ; Or cd \, to go to the root of the drive (c:, d:, ...). 


pushd c:\newfolder ; Save the current working directory in memory, so you can return to 
it any time, optionally changing to a new directory. 


popd ; Return to the path at the top of the directory stack. 

xcopy /e /i newfolder to_newfolder02 ; Copying from source to destination. 
rmdir newfolder ; Delete the folder. 

move ; Move one or more files from one directory to another. 


C:\>move Newfolder Newfolder02 ; Moves the directory “Newfolder” with its files to a new 
directory “Newfolder02” (automatically created). 


type nul >file.txt ; Create a new file. 

Examples of some operations on the file: 


dir |findstr file.txt ; Find the file “file.txt” in the current directory. Add the /s flag to 
include subdirectories. 


Or: 
dir file.txt 


dir *.txt ; Find all text files ending with “.txt” in the current directory. Add /s to include 
the subdirectories. 


echo text1>file.txt ; Write text1 to file.txt. 
echo text2>>file.txt ; Append text2 to the end of file.txt. 
type file.txt ; Print the content of file.txt. 


find "text2" file.txt ; Find the string text2 in the content of file.txt. 

del file.txt ; Delete a file. 


del *.txt ; Delete all text files ending with “.txt” in the current directory. Add /s to include 
the subdirectories. 


rem ; Record comments (remarks) in a batch file or CONFIG.SYS. 
rem my comment 


attrib ; Display or change the attributes of files or directories. attrib is useful to detect 
some hidden malicious programs or malware. Running the attrib command (examples of 
likely infected directories: “windows>system32”, “appdata”, “temp”) many times with the 
same parameters may be more effective. 


C:\>attrib ; Display attributes of all files in the current directory. 
To hide the folder/directory "Newfolder02", type: 
attrib +h Newfolder02 


To unhide it again, type: 
attrib -h Newfolder02 


To set the attributes (SHR) on the file, type: 
attrib +s +h +r file.txt 

To unset/clear them, type: 

attrib -s -h -r file.txt 


A ; Archive file attribute. 
S ; System file attribute. 
H ; Hidden file attribute. 
R ; Read-only file attribute. 


To find files “.info” in the current directory, type: 


attrib /s /d /l *.info 


To find a folder in the current directory, type: 


attrib /s /d /l Newfolder01 
/S ; Processes matching files in the current folder and all subfolders. 

/D ; Processes folders as well. 

/L ; Work on the attributes of the Symbolic Link versus the target of the Symbolic 
Link. 


Compression/uncompression 
compact ; Displays or alters the compression of files on NTFS partitions. 
compact /c file.txt ; Compress the file. 


compact /c Newfolder02 ; Compress the directory only. It does not compress the files 
inside the directory. 


compact file.txt ; Check the compression status of the file. 
compact /u file.txt ; Uncompress the file. 
compact /c * ; Compress all files in the directory. 


compact /c ; Compress all files in the directory and the directory itself. Compresses the 
subdirectories if they exist but does not compress their files. 


compact /c /s * ; Compress all files in the directory, including the subdirectories and 
their files. Without “*”, the directory itself is compressed as well. 


compact /u /s * ; Uncompress all files in the directory, including the subdirectories and 
their files. 


tar (bsdtar) ; Manipulate archive files. 

tar --help 

Compress a directory’s files to a zip file: 

tar -a -cvf rep.zip * ; -a selects the archive format from the file extension. 

Extract a zip file: 

tar -xf rep.zip 

Shutdown 

shutdown /t 10 /r ; Restart the system in 10 seconds. 


shutdown /s ; Shutdown in less than 1 minute. 
shutdown /t 10 /s ; Shutdown in 10 seconds. 
shutdown /a ; Cancel a shutdown. 
shutdown /i ; Remote shutdown dialog. 

Language 


Change the language of the CMD prompt: 
chcp 437 


Code page, Country/region or language: 

> 437, United States 
> 863, Canadian-French 
> 866, Russian 
> 936, Chinese 
> 850, Multilingual (Latin 1) 
> 65001, UTF-8 * 
> 1256, Arabic 


To change the display language, type the following command: 
lpksetup /u locale 


Replace the locale portion with your language code. For example, for Russian, it is 
ru-RU. 


lpksetup /u ru-ru 

Install all language packs that are located at a given location: 
lpksetup /i * /p <language_pack_path> 


Uninstall two language packs. Lpksetup will be started in GUI mode but will not require 
user intervention: 


lpksetup /u ja-JP es-ES 

Install three language packs stored on a network share: 


lpksetup /i ja-JP en-US es-ES /r /s /p \\networkpath\languagepackfolder 


4.1.2 System 
systeminfo ; Display system information. 
To change the computer name: 


First we need to know the current computer name. To find it, look at “Host Name” 
in the output of the systeminfo command, or type: 


WMIC ComputerSystem get username ; To find out the computer name and username 
(formed as: computername\username): DESKTOP-7ADR4JR\wind-proof. 


Now we change the computer name as follows: 
WMIC computersystem where caption='current_computername' rename new_computername 
Or: 


WMIC ComputerSystem where Name="current_computername" call Rename Name=new_computername 


To change the name of a remote computer, type: 


WMIC /node:"current_remote_computername" /user:user_name /password:user_password computersystem call rename "new_remote_computername" 


dxdiag ; DirectX diagnostic tool to display system information and others. 
control ; Control panel. 


msconfig ; This command opens System Configuration dialog where you can change 
some of the system settings in Windows. 


regedit ; Registry editor. 


tasklist ; Displays a list of currently running processes on the local computer or on a 
remote computer. 


taskkill ; Ends one or more tasks or processes. 
bcdedit ; For managing Boot Configuration Data (BCD) stores. 
taskmgr ; Task manager. 


netplwiz ; The common User Accounts window is in the Windows Control Panel, while this 
command opens the advanced User Accounts window. 

lusrmgr.msc ; Running this command opens the Local Users and Groups manager, 
where you can edit properties of all your users and groups. 


appwiz.cpl ; This Run Command quickly opens the Programs and Features window 
where you can uninstall programs and apps in Windows 10. 


desk.cpl ; It's a shortcut allowing you to change your Windows screen resolution. 


powercfg.cpl ; Running this command will directly open the Power Options window 
which is buried in Control Panel. 


main.cpl ; This command can help you access Mouse Properties dialog where you can 
change settings of the mouse connected to your computer. 


snippingtool ; Screenshots. 
logoff ; This Run Command is a less known quick way to sign out of Windows 10. 
compmgmt.msc ; Open Computer Management window. 
gpedit.msc ; Open Local Group Policy Editor. 
rstrui.exe ; System restoration. To restore system files and settings. 
mmc ; Open microsoft management console. 
secpol.msc ; Open Local Security policy. 
services.msc ; (or Sc) Display Services (GUI). 
sc query ; Enumerates status for active services & drivers. 
sc query|findstr SERVICE_NAME ; Find a service. 
net stop SERVICE_NAME ; Stop a service. 
net start SERVICE_NAME ; Start a service. 


reg ; Performs operations on registry subkey information and values in registry entries. 
4.1.3 Firewall 


wf.msc ; Display the firewall in GUI mode, the Windows Defender with Advanced 
Security. 


Windows Defender 

sc query windefend ; Check the state of the service. 

sc sdshow windefend ; Display a service's security descriptor. 
net start windefend ; Start the service. 


net stop windefend ; Stop the service temporarily. It will be loaded again at the next boot 
of the system. 


If you are working in Windows 10, you will get the message “..Access is denied.”. Thus, 
to disable or permanently stop windefend ("Windows Defender Antivirus"), open 
gpedit.msc if you have it and navigate to Computer Configuration > Administrative 
Templates > Windows Components > Windows Defender Antivirus 


Double-click Turn off Windows Defender Antivirus (on the right side), set the 
option to Enabled, then click Apply > OK. 


Refresh the Group Policy settings: 
gpupdate /force 

Reboot the system. 

In CLI mode (CMD), with details: 


reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 1 /f 


reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v DisableRealtimeMonitoring /t REG_DWORD /d 1 /f 


reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v DisableBehaviorMonitoring /t REG_DWORD /d 1 /f 


reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v DisableOnAccessProtection /t REG_DWORD /d 1 /f 


reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v DisableScanOnRealtimeEnable /t REG_DWORD /d 1 /f 


Restart the computer to disable Windows Defender Antivirus permanently. 
To enable the service again, change the value from 1 to 0. 

Disable Windows Defender SmartScreen Filter in Windows 10: 


reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System" /v EnableSmartScreen /t REG_DWORD /d 0 /f 


To disable it, set EnableSmartScreen to 0; to enable it again, set it to 1. 
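

Because these policy values switch protection off, a monitoring team usually wants to know when they are written. The following is an added example, not part of the book: Python detection logic that parses "reg add" command lines from process-creation records and reports writes to the registry values named above. The event records, host names and user names are constructed, and the HKLM alias and 0x-prefixed data are handled as assumed variants of the same commands.

```python
import re

HIVE_ALIASES = {"hklm": "hkey_local_machine"}
DEFENDER = r"hkey_local_machine\software\policies\microsoft\windows defender"
RTP = DEFENDER + r"\real-time protection"
SYSTEM = r"hkey_local_machine\software\policies\microsoft\windows\system"

# (key, value name) -> DWORD data that switches the protection off.
WATCHED = {
    (DEFENDER, "disableantispyware"): 1,
    (RTP, "disablerealtimemonitoring"): 1,
    (RTP, "disablebehaviormonitoring"): 1,
    (RTP, "disableonaccessprotection"): 1,
    (RTP, "disablescanonrealtimeenable"): 1,
    (SYSTEM, "enablesmartscreen"): 0,
}

# Constructed process-creation records (sample data for this example only).
EVENTS = [
    {"host": "WS-014", "user": "alice", "cmdline": r'reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 1 /f'},
    {"host": "WS-014", "user": "alice", "cmdline": r'C:\Windows\System32\reg.exe ADD "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /V DisableRealtimeMonitoring /T REG_DWORD /D 0x1 /F'},
    {"host": "WS-022", "user": "bob", "cmdline": r'reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v EnableSmartScreen /t REG_DWORD /d 0 /f'},
    {"host": "WS-022", "user": "bob", "cmdline": r'reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 0 /f'},
    {"host": "WS-031", "user": "carol", "cmdline": r'reg query "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender"'},
    {"host": "WS-031", "user": "carol", "cmdline": r'reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f'},
]


def tokenize(cmdline):
    """Split a cmd.exe-style command line, keeping quoted strings whole."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', cmdline)]


def normalize_key(key):
    """Lower-case the key and expand the HKLM alias to the full hive name."""
    key = key.lower().rstrip("\\")
    hive, _, rest = key.partition("\\")
    hive = HIVE_ALIASES.get(hive, hive)
    return hive + ("\\" + rest if rest else "")


def parse_dword(text):
    """Parse REG_DWORD data given as decimal or 0x-prefixed hex."""
    try:
        return int(text, 16) if text.lower().startswith("0x") else int(text)
    except ValueError:
        return None


def parse_reg_add(cmdline):
    """Return (key, value_name, data) for a 'reg add' command, else None."""
    tok = tokenize(cmdline)
    if len(tok) < 3:
        return None
    exe = tok[0].lower().replace("/", "\\").rsplit("\\", 1)[-1]
    if exe not in ("reg", "reg.exe") or tok[1].lower() != "add":
        return None
    opts, i = {}, 3
    while i < len(tok):
        flag = tok[i].lower()
        if flag in ("/v", "/t", "/d") and i + 1 < len(tok):
            opts[flag] = tok[i + 1]
            i += 2
        else:
            i += 1
    if "/v" not in opts or "/d" not in opts:
        return None
    return normalize_key(tok[2]), opts["/v"].lower(), parse_dword(opts["/d"])


def scan(events):
    """Return (host, user, value_name, state) for every watched registry write."""
    findings = []
    for ev in events:
        parsed = parse_reg_add(ev["cmdline"])
        if parsed is None:
            continue
        key, name, data = parsed
        off_value = WATCHED.get((key, name))
        if off_value is None:
            continue    # a reg add, but not to a value this check watches
        state = "protection disabled" if data == off_value else "protection restored"
        findings.append((ev["host"], ev["user"], name, state))
    return findings


if __name__ == "__main__":
    for finding in scan(EVENTS):
        print(finding)
```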
Firewall on/off/show 


netsh advfirewall set currentprofile state on ; Turn on Windows firewall (off to turn it off). 
In my case, the command turns the firewall on/off for the public network. 


(In Windows XP: netsh firewall opmode mode=enable ; disable to turn off) 


To set the firewall state for a particular profile, type one of the following instead of 
currentprofile: 

> domainprofile ; For domain network. 
> privateprofile ; For private network. 
> publicprofile ; For public network. 


netsh advfirewall show currentprofile ; Show state of firewall. 
(In Windows XP and Windows 7: netsh firewall show state) 


To open a port in the firewall on Windows XP and Windows 7 (still working in Windows 
10), type: 


netsh firewall add portopening tcp 80 "My open-port 80" 

To delete it, type: 

netsh firewall delete portopening tcp 80 

Or, in OS versions more recent than XP, such as Windows Server 2008, Windows 7...: 

rem open tcp port 80 inbound ; Comment line (outbound for outgoing traffic). 


netsh advfirewall firewall add rule name="My open-port 80" dir=in action=allow protocol=tcp localport=80 ; block (instead of allow) to block connections on this port, out (instead of in) for outbound traffic. 


If pinging Windows from Linux fails, the firewall may be the cause; the solution 
is the following command: 


netsh advfirewall firewall add rule name="ping" protocol=ICMPV4 dir=in action=allow ; To block it again, put block instead of allow. 
Allowing access for Remote Desktop (RDP) 


netsh advfirewall firewall add rule name="RDP" dir=in action=allow protocol=tcp localport=3389 
(Or in XP: netsh firewall add portopening tcp 3389 "my port 3389") 


reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f 


To disable Remote Desktop (RDP), put block instead of allow (in the first line) and put 
1 instead of 0 (in the second line). 


4.1.4 Network 


ncpa.cpl ; Network connections. 

ipconfig /all ; Display information about network and your ip. 
Change IP address 

Manually: 


netsh interface ip show config ; Show the configuration of the interfaces (to choose the 
one whose addresses you want to change). 

netsh interface ip set address name="Local Area Connection" static 192.168.0.114 255.255.255.0 192.168.0.1 

netsh interface ip set dns "Local Area Connection" static 8.8.8.8 


Or it may be changed automatically as follows: 


ipconfig /flushdns 
ipconfig /release 
ipconfig /renew 


tracert ; Trace route; you can use it to trace the path that an Internet Protocol (IP) packet 
takes to its destination. 


tracert www.shareforshow.com ; Or IP address. 

Activate/deactivate TCP/IP 
net stop /y tcpip ; Stop the connection. 


net start tcpip ; Start it again. 


netstat ; Display protocol statistics and current TCP/IP network connections. 
netstat -h ; help 


netstat -a -b 


Sending a message 


To send a message from one computer to another, displayed as a message box 
for 15 seconds: 


msg /server:computer_name * /time:15 "Hello User" 

Sharing files 

To list the network shares on the local computer, type: 
net share 


To create a shared folder or network share with full permissions for everyone in 
the domain, type: 


net share test_net=c:\newfolder02 /grant:everyone,FULL 
(net share share_name=folder_path /grant:user_name,READ|CHANGE|FULL) 


To limit the number of users to 3 accessing the share simultaneously, add to the 
command above: /users:3 


To share with a specific user and to grant only read rights, type: 
net share test_net=c:\newfolder02 /grant:user_name,READ 

To map a network drive, type: 

net use z: \\DESKTOP-7ADR4JR\test_net 

(net use Z: \\computer_name\share_name) 

Z. 


If the shared network drive is protected, then type: 
net use z: \\computer_name\share_name /user:user_name user_password 


(net use <drive_letter>: \\<server>\<share_name> /user:<domain>\<user_name> <user_password>) 


Add the flag /persistent:Yes to the command for a persistent connection; to 
turn it off, use no instead of yes: /persistent:No. 


To list the network drives, type: 

net use 

To delete the mapped network drive, type: 

net use z: /delete 

To delete the network share, type: 

net share test_net /delete 

(net share share_name /delete) 

To delete the network share on a remote computer, type: 
net share share_name \\remote_computer /delete 

Get external IP 

nslookup myip.opendns.com. resolver1.opendns.com 
Downloading 

bitsadmin /transfer myDownloadJob /download /priority normal https://download-server/file.zip c:\file.zip 


4.1.5 Repair the System 
chkdsk ; Check and repair corruption on a hard disk. 


chkdsk 


sfc ; Scans the integrity of all protected system files and replaces incorrect versions 
with correct Microsoft versions. 


sfc /scannow 


cleanmgr ; Open Disk Cleanup utility (running in GUI mode). 
defrag ; Runs in GUI mode, for example by typing defrag in the taskbar search, and in CLI 
mode from the command prompt (cmd) as follows: 


defrag C: /O /V ; Optimize the C: drive and print fragmentation statistics. 
defrag /C /O /V ; Optimize all partitions and print fragmentation statistics. 


There are two ways to get into Troubleshoot mode: one while your computer is 
booting, the other while Windows is running. In the latter case, press and hold the 
Shift key while clicking Power > Restart. 


You can get a Command Prompt in the Advanced options of Troubleshoot. 

Safe Mode 


An example of using this mode for repair is when Windows will not 
start because of a lack of available space. 


Enable Safe Mode: 

bcdedit /set {default} safeboot minimal 

Enable Safe Mode with Networking: 
bcdedit /set {default} safeboot network 

Enable Safe Mode with Command Prompt: 


bcdedit /set {default} safeboot minimal 
bcdedit /set {default} safebootalternateshell yes 


Continue/Restart to go working in this mode. 
Disable safe mode: 


bcdedit /deletevalue {default} safeboot 


4.1.6 User accounts and Find Keys 


net user ; To display the user accounts. 
Add user account 


To create a local account, put your preferred credentials of username and password 
instead of user_name and password in the following command line: 


net user user_name password /add 
To add the newly created user to the administrators group, enter: 

net localgroup administrators user_name /add 

Delete user account 

net user user_name /del 

Reset user password 

net user user_name * 

Find Microsoft Office key 

Find the last 5 characters of the installed product key of Microsoft Office: 


c:\Windows\System32>cscript "c:\Program Files (x86)\Microsoft Office\Office16\OSPP.VBS" /dstatus 


By running the Visual Basic script “msofficekey.vbs”, you can find your complete 
Microsoft Office key. The script is available on GitHub: 


https://github.com/PluginsOCSInventory-NG/officepack/tree/449259f52ba263f974e75cbdba6bff08daf28404 


Find Windows key 
C:\WINDOWS\system32>wmic path softwarelicensingservice get OA3xOriginalProductKey 


Find the WiFi Password 
netsh wlan show profile name=labnol key=clear 


If you would like to see only the password and no other information, use the findstr 
command: 


netsh wlan show profile name=labnol key=clear | findstr Key 


4.1.7 Disk management 


diskmgmt.msc ; This Run Command helps you open Windows 10 Disk Management 
where you can manage the hard disk partition on your computer. 


diskpart ; This command interpreter helps you manage your computer's drives (disks, 
partitions, volumes, or virtual hard disks). It is run in administrator mode. 
Example of how to get the details of a partition: 
C:\Windows\system32> diskpart 


DISKPART> list disk 
DISKPART> select disk 0 
DISKPART> list partition 
DISKPART> select partition 1 
DISKPART> detail partition 


To delete a selected partition, 


DISKPART> DELETE partition 
DISKPART> exit 


Example of how to erase the disk deeply: 


DISKPART> list disk 
DISKPART> select disk 0 
DISKPART> clean all ; If you just want to clean the disk, type only: clean. 


Example of how to create and format two partitions (primary: ntfs, logical: fat32) for a 
flash drive (size = 15 GB), 


DISKPART> list disk 

DISKPART> select disk 1 ; For the flash drive. 

DISKPART> clean 

DISKPART> create partition primary size=10000 ; For 10 GB. 
DISKPART> list partition 

DISKPART> active ; To mark the current partition (primary) as active. 
DISKPART> format fs=ntfs label=mydrive_first quick 

DISKPART> assign letter=g ; Or just: assign. 

DISKPART> create partition extended size=5000 ; For the rest of free space: 5 GB. 
DISKPART> create partition logical size=5000 

DISKPART> format fs=fat32 quick 

DISKPART> assign letter=f 

DISKPART> list partition 

DISKPART> exit 


4.1.8 Permission in Windows 
icacls ; Displays or modifies discretionary access control lists (DACLs) on specified 
files, and applies stored DACLs to files in specified directories. (This command 
replaces the deprecated cacls command, which still works.) icacls preserves the 
canonical ordering of ACE (access control entry) entries: Explicit Deny, Explicit Grant, 
Inherited Deny, Inherited Grant. 
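

Why the canonical ordering matters, as an added example that is not part of the book: a simplified Python model of an access check that walks the ACEs in list order and stops at the first decisive entry. The rights masks and the group name "Users" are assumptions made for the illustration; it shows that an explicit grant is evaluated before an inherited deny, and that the same entries stored out of order give a different answer.

```python
from dataclasses import dataclass

READ, WRITE, FULL = 0x1, 0x2, 0x7   # simplified rights masks (assumption)


@dataclass(frozen=True)
class Ace:
    kind: str               # "deny" or "grant"
    trustee: str            # user or group the entry applies to
    mask: int               # rights the entry covers
    inherited: bool = False


def canonical_order(aces):
    """Sort into: explicit deny, explicit grant, inherited deny, inherited grant."""
    # False sorts before True, so explicit precedes inherited and deny precedes grant.
    return sorted(aces, key=lambda a: (a.inherited, a.kind != "deny"))


def access_check(aces, trustees, desired):
    """Walk the ACEs in list order and return (granted, deciding_ace).

    Stops at the first deny entry covering a right that is still outstanding,
    or as soon as grant entries have covered every desired right.
    """
    remaining = desired
    for ace in aces:
        if ace.trustee not in trustees:
            continue
        if ace.kind == "deny":
            if ace.mask & remaining:
                return False, ace
        else:
            remaining &= ~ace.mask
            if remaining == 0:
                return True, ace
    return False, None      # rights nobody granted are implicitly denied


def demo():
    token = {"wind-proof", "Users", "Everyone"}   # the user plus group memberships

    # Inherited deny of WRITE for a group, explicit grant of FULL for the user.
    a = [Ace("deny", "Users", WRITE, inherited=True),
         Ace("grant", "wind-proof", FULL)]
    # Explicit grant stored ahead of an explicit deny (non-canonical order).
    b = [Ace("grant", "Users", READ),
         Ace("deny", "wind-proof", FULL)]

    return {
        "a_canonical_write": access_check(canonical_order(a), token, WRITE)[0],
        "a_as_stored_write": access_check(a, token, WRITE)[0],
        "b_canonical_read": access_check(canonical_order(b), token, READ)[0],
        "b_as_stored_read": access_check(b, token, READ)[0],
        "no_matching_ace": access_check(canonical_order(b), {"guest"}, READ)[0],
    }


if __name__ == "__main__":
    for case, granted in demo().items():
        print(f"{case:20} {'granted' if granted else 'denied'}")
```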


1. Example for cacls 

To display access control lists (ACLs) of the folder: “Newfolder01”, type: 

cacls Newfolder01 

For all files permissions, type: 

cacls Newfolder01 /t 

To remove access to the folder for everyone, type: 

cacls Newfolder01 /e /p everyone:n 

To grant access to the folder for everyone, type: 

cacls Newfolder01 /e /p everyone:f 

To revoke access rights to the folder for everyone, type: 

cacls Newfolder01 /e /r everyone 

To grant only access to the folder for administrators, type: 

cacls Newfolder01 /e /p administrators:f 

To give the user “wind-proof” read-only control of a folder and all sub folders, type: 
cacls Newfolder01 /e /t /c /p wind-proof:r 

To give the user “wind-proof” write control of a file “file0.txt” in the folder, type: 
cacls file0.txt /e /p wind-proof:w 

In case including all files that have same name in the sub folders, type: 

cacls file0.txt /e /t /c /p wind-proof:w 


/e ; Edit ACL instead of replacing it. 
/p user:perm ; Replace specified user's access rights. 
perm can be: N None 
             R Read 
             W Write 
             C Change (write) 
             F Full control 
/r user ; Revoke specified user's access rights (only valid with /E). 
/t ; Changes ACLs of specified files in the current directory and all subdirectories. 
/c ; Continue on access denied errors. 


2. Example for icacls 

To view the permissions set on a folder “Newfolder01”, type: 
icacls c:\Newfolder01 

For all files permissions, type: 

icacls c:\Newfolder01 /t 


To reset the permissions on the folder “Newfolder01” and in all its sub folders (reset 
permissions of the folder itself and of the files and sub folders it contains), type: 


icacls c:\Newfolder01 /reset /t /c 


With Newfolder01\*, the reset applies to all files and sub folders inside the folder 
“Newfolder01”, but not to the folder itself: 


icacls c:\Newfolder01\* /reset /t /c 


To deny the wind-proof user full access to the folder and its 
files/subdirectories, type: 


icacls "c:\Newfolder01" /deny wind-proof:F /t 

To return access, type: 

icacls "c:\Newfolder01" /grant wind-proof:F /t 


To grant the user wind-proof full access and some specific inheritances to the folder 
“Newfolder01”, including all its files/sub folders, type: 


icacls "c:\Newfolder01" /grant wind-proof:(OI)(CI)F /t 


F ; Full access. 

(OI) ; Object Inherit - Indicates that subordinate files will inherit the ACE. This folder 
and files (no inheritance to subfolders). 

(CI) ; Container Inherit - Indicates that subordinate containers will inherit the ACE. 
This folder and subfolders. 

/t ; Indicates that this operation is performed on all matching files/directories below 
the directories specified in the name. 


To remove all occurrences of wind-proof user from the ACL, type: 

icacls "c:\Newfolder01" /remove wind-proof 

Grant administrators full access to a corrupted system file, for example: 
icacls C:\windows\system32\bootcfg.exe /grant administrators:F 


To save/backup the ACLs for all files under “c:\windows” and its subdirectories to the file 
“WindowsACL.txt”, type: 


icacls c:\windows\* /save WindowsACL.txt /t 


To restore the ACLs for every file within “WindowsACL.txt” that exists in “c:\windows” 
and its subdirectories, type: 


icacls c:\windows\ /restore WindowsACL.txt 


To save/backup the ACLs for all files and subdirectories in the directory “Newfolder01”, 
type: 

icacls c:\Newfolder01\* /save MyACL_backup.txt /t 

To restore ACLs using a previously saved ACL file, type: 

icacls c:\Newfolder01\ /restore MyACL_backup.txt 
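
The permissions that icacls prints can be reviewed automatically. The following is an added example, not part of the original book: it parses the listing for one folder, reports broad principals that hold F, M or W, and checks the canonical ACE order described above. The function names, the list of broad principals, the account PC01\wind-proof and the sample output are assumptions constructed for illustration.

```python
import re

# Principals that cover (nearly) every account on a Windows machine (assumed list).
BROAD_PRINCIPALS = {"everyone", "builtin\\users", "nt authority\\authenticated users"}
# icacls simple rights that allow changing data: F (full), M (modify), W (write).
WRITE_RIGHTS = {"F", "M", "W"}
# Inheritance markers that icacls prints in front of the rights.
INHERIT_FLAGS = {"I", "OI", "CI", "IO", "NP"}
ACE_RE = re.compile(r"^(?P<who>.+?):(?P<flags>(?:\([^()]*\))+)$")


def parse_icacls(output, path):
    """Parse the ACEs that `icacls <path>` printed for one object (no /t)."""
    aces = []
    lines = output.strip().splitlines()
    if lines and lines[0].lower().startswith(path.lower()):
        lines[0] = lines[0][len(path):]      # the first ACE shares a line with the path
    for line in lines:
        match = ACE_RE.match(line.strip())
        if not match:                        # blank line or the final summary line
            continue
        flags = re.findall(r"\(([^()]*)\)", match.group("flags"))
        rights = set()
        for flag in flags:
            if flag not in INHERIT_FLAGS and flag != "DENY":
                rights.update(part.strip() for part in flag.split(","))
        aces.append({"who": match.group("who"), "deny": "DENY" in flags,
                     "inherited": "I" in flags, "rights": rights})
    return aces


def broad_write_grants(aces):
    """Return the broad principals that are allowed F, M or W."""
    return [ace["who"] for ace in aces
            if not ace["deny"]
            and ace["who"].lower() in BROAD_PRINCIPALS
            and ace["rights"] & WRITE_RIGHTS]


def in_canonical_order(aces):
    """Check the order: explicit deny, explicit grant, inherited deny, inherited grant."""
    ranks = [2 * ace["inherited"] + (0 if ace["deny"] else 1) for ace in aces]
    return ranks == sorted(ranks)


# Constructed sample output (not captured from a real system).
SAMPLE_PATH = r"c:\Newfolder01"
SAMPLE_OUTPUT = r"""c:\Newfolder01 PC01\wind-proof:(OI)(CI)(DENY)(W)
               Everyone:(OI)(CI)(F)
               BUILTIN\Administrators:(I)(OI)(CI)(F)
               NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
               BUILTIN\Users:(I)(OI)(CI)(RX)

Successfully processed 1 files; Failed processing 0 files
"""

if __name__ == "__main__":
    entries = parse_icacls(SAMPLE_OUTPUT, SAMPLE_PATH)
    for entry in entries:
        kind = "DENY " if entry["deny"] else "ALLOW"
        print(kind, entry["who"], sorted(entry["rights"]))
    print("broad write grants:", broad_write_grants(entries))
    print("canonical order:", in_canonical_order(entries))
```
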


4.1.9 Explore important directories and GUI tools 


In the Run dialog (Win + R), you can explore directories and launch tools with 
%windir%\program_name, or in CMD with: start %windir%\program_name. The 
environment variable %windir% (or %systemroot%) is a shortcut for the Windows 
directory, so for example running the command echo %windir% in CMD gives the 
result: C:\Windows. 


%WINDIR%\write.exe ; Open document of the app WordPad. 
%WINDIR%\system32\calc.exe ; Open the Calculator. 
%WINDIR%\explorer.exe ; Display File Explorer. 


%WINDIR%\security ; Display Security directory. 
%WINDIR%\Registration ; Display Registration directory. 
%WINDIR%\media ; Display Media directory. 
%WINDIR%\PolicyDefinitions ; Display PolicyDefinitions directory. 
%WINDIR%\Web ; Display Web directory. 
%WINDIR%\Logs ; Display Logs directory. 
%WINDIR%\debug ; Display debug directory. 
%WINDIR%\Boot ; Display Boot directory. 


%WINDIR%\bootstat.dat ; Try to open bootstat.dat (a Microsoft Windows log file that 
contains information allowing Windows to determine whether the last boot attempt was 
successful or not). 


%WINDIR%\diagnostics ; Display diagnostics directory. 
%WINDIR%\Tasks ; Display Tasks directory. 
\\files_server ; Network path. 


%windir%\syswow64\mshta.exe ; Calling HTA from the command line (to call a HTA script 
in the current directory type: mshta %cd%\MyScript.hta). 


God Mode 
Create and rename a new folder in Windows with the following name: 
GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} 


After that double click on this renamed folder. Here are the categories of tools you'll 
find in God Mode: 


Administrative Tools 
AutoPlay 

Backup and Restore 
Color Management 
Credential Manager 
Date and Time 
Devices and Printers 
Ease of Access Center 
File Explorer Options 


File History 

Fonts 

Indexing Options 

Infrared 

Internet Options 

Keyboard 

Mouse 

Network and Sharing Center 
Pen and Touch 

Phone and Modem 

Power Options 

Programs and Features 
Region 

RemoteApp and Desktop Connections 
Security and Maintenance 
Sound 

Speech Recognition 
Storage Spaces 

Sync Center 

System 

Tablet PC Settings 

Taskbar and Navigation 
Troubleshooting 

User Accounts 

Windows Defender Firewall 
Windows Mobility Center 
Work Folders 


4.1.10 Batch file 


A batch file is a Windows file with a ".bat" extension that contains one or more 
instructions or commands. The instructions are executed one by one until the end of 
the file. 


A batch file can also use a ".cmd" or ".btm" extension. The first line of the batch file, 
“@echo off”, prevents all commands in a batch file (including the echo off command) 
from displaying on the screen. 


Scripts with batch files 


Create the batch file and run it by double clicking on the file. To terminate the batch job, 
just press Ctrl+C. 


Examples: 


1. Display contents of all files that exist in the directory: (“test1.bat”) 


@echo off 
for /r %%A in (*.*) do echo %%A & type "%%A" & echo. 


cmd /k 


2. Comparison of two numbers: (“test2.bat”) 


@echo off 
set /A a=5 
set /A b=6 
if %a%==%b% (echo "Numbers are equal") else (echo "Numbers are not equal") 
timeout 5 > nul 


3. Addition of two numbers: (“test3.bat”) 


@echo off 
title Addition of two numbers 
echo Type the first number: 
set /P num1= 
echo Type the second number: 
set /P num2= 
set /A s=%num1%+%num2% 
echo The result is: %s% 
echo. 
echo Press any key to exit. 
pause>nul 


4. Display random numbers in green without stopping: (“test4.bat”) 


@echo off 
color 0a 
:start 
echo %random% 
goto start 


5. Call batch file inside another: (“test5.bat”) 


@echo off 

color 0a 

:start 

echo %random% 
call test3.bat 
goto start 


4.1.11 Windows Shortcuts 


In a search bar, type: “cmd” -> Ctrl + Shift + Enter -> Yes ; Launch CMD prompt in 
administrator mode. 


Ctrl + c ; (In CMD) End the command in execution. 
Shift + ← / → ; (In CMD) Select text. 

Ctrl + c ; (In CMD) Copy a selected line. 

Ctrl + v ; (In CMD) Paste a copied line. 


Ctrl + i ; (In CMD) Complete the probable name of an app, file or folder in the 
current directory. More accurate after typing some initials. 


↑ / ↓ ; (In CMD) Scroll through typed commands history. 

Ctrl + ← / → ; (In CMD) Move one word backward / forward. 

Esc ; (In CMD) Clear command line. 

Ctrl + f ; Searching. 

Ctrl + s ; Searching bar. 

Start/Win + i ; Display Settings panel. 

Start + d ; Display the desktop (cleared of anything such as launched apps) and hide it again. 
Start + e ; Display File Explorer. 

Alt + Enter ; Full screen CMD. 

exit ; Close the current session or the CMD prompt application. 


Alt + F4 ; Close current window. 

Ctrl + Alt + Delete ; To use options: Lock, Switch user, Sign out, change a password, 
Task Manager. 


Start + l ; Lock Windows system. 


4.2 Linux 


Insight into Linux 


Linux was created by the Finnish student Linus Torvalds, who developed it in 1991. He 
took the idea of a Unix operating system to develop a new free operating system 
kernel. So Linux is a Unix-like operating system; it is derived from Unix (the most 
common varieties of UNIX are GNU/Linux, MacOS X, and Sun Solaris). Unlike Unix, 
which is a complete OS (example: Solaris), Linux is in fact the OS kernel, the 
most crucial part of an OS, but it is generally referred to as a computer operating system. 
GNU/Linux is the Linux OS, which is supplied with GNU software and other additions. 
Thus, Linux distributions (“distros”) can be treated as the complete OS. 


From my point of view, Linux is the best operating system that has ever existed so far. 
Unfortunately, it is not popular with most normal people, so they lose time and money 
on using other OS, while Linux was created to give us a free and powerful solution, 
allowing us to apply new ideas, innovations, and inventions. 


On the other hand, in reality, Linux is the most commonly used operating system in the 
world. It is a very important operating system that is used a lot by administrators, 
developers, security professionals, and hackers for different kinds of jobs on several 
types of devices. It can run on several hardware platforms such as Intel, Mac, Sun, Dec 
Alpha. In 2021, the Linux OS runs all 500 (100%) of the world’s fastest 
supercomputers. Today, it powers most of the web servers and smartphones, many 
millions of desktop computers, a large chunk of tablet computers, and several 
appliances (dsl modems, routers, dvd-players, washing machines, self-driving cars, 
space station laptops...). 


We mention here that macOS is a UNIX 03-compliant operating system certified by the 
Open Group. The mobile operating systems Android and iOS (provided by Apple 
Inc.) are based on UNIX or UNIX-like operating systems. Android is based on 
Linux, and iOS is based on the Darwin (BSD) operating system. 


Linux is an open source OS. It is very secure and reliable because of its architecture and 
its structure for managing processes and memory, and it has a complex file system 
structure that renders handling files more flexible and fast for storing and retrieving 
information. Because it is open source, it is for everyone: computer engineers or 
scientists can, for example, understand and practice operating system theories and 
applications and develop it, unlike Windows, which is open only to its registered 
developers and researchers. 


Linux is a multiuser, multitasking OS that allows more than one user at a time to 
perform more than one task (program) at a time. For example, with the ssh program, 
different computer users (the clients) can simultaneously access a single Linux 
computer (the server) and perform tasks at the same time. Another example of exploiting 
this design is using the LTSP system (Linux Terminal Server Project) to help make good 
management. 


Utilization and administration in Linux are still based on the command line interface, on 
the console or terminal, unlike Windows. The terminal is offered in a window in GUI mode, 
so it can run tasks and all administration jobs. 


Linux features 


FSF and GNU Project 


The Free Software Foundation (FSF) (in 1985) and the GNU Project (in 1983) were 
both started by Richard M. Stallman (RMS), the author of the original Emacs editor. 
GNU Emacs is the most widely used version of Emacs today. 


The Free Software Foundation (FSF) is a nonprofit organization (based in Boston, MA, 
USA) dedicated to the production and distribution of freely distributable software. 


The GNU Project is an ongoing effort on the part of the FSF to create a complete, 
freely distributable, POSIX-compliant computing environment. The FSF uses the GNU 
General Public License (GPL) to ensure that its software’s source code is always 
available to the end user. 


GNU (a recursive acronym meaning "GNU's Not Unix") is a Unix-like operating 
system which is 100% free software. It consists of GNU packages (programs 
specifically released by the GNU Project) as well as free software released by third 
parties. The main goal of GNU is to offer a Unix-compatible system that would be 
100% free software. For example, one complete system that can be installed is Ututo S, 
which is a 100% free GNU/Linux distribution. It was the first fully free GNU/Linux 
system recognized by the GNU Project. 


Free and open source software 


Free software is a famous term that describes computer software that allows users to 
have the freedom to run, edit, contribute to, and share it. The term open source is 
very similar to that of free software, but the difference is that its idea primarily values 
practical benefit and does not campaign for principles. 


Everything is a file 

On a Unix/Linux system, everything is a file (or more precisely, as Linus Torvalds 
corrected it, everything is a stream of bytes); otherwise, it is a process. Every file has an 
owner and permissions. With Linux commands, we can simply query those files, whether 
reading a flash drive or CD/DVD-ROM drive, writing to a network socket, or finding out 
hardware information such as CPU, memory or disk information. 


Filesystem Hierarchy Standard (FHS) 


FHS defines the structure of file systems on Linux/UNIX-like operating systems, 
allowing users of other Linux distributions to find their way easily. However, Linux file 
systems also contain some directories that aren’t yet part of the FHS. The FHS is 
available online at http://www.pathname.com/fhs/. Linux directories are described as 
follows: 


> / : Root directory, contains everything in the Linux system. 

> /root : Home directory for root user. 

> /home : Home directory for every user you have in the system, except for root 
user. 

> /boot : Contains all files needed to boot the computer. Your Linux kernels and 
grub boot loader’s files are stored here. 

> /etc : All of the machine-specific configuration files should be located under /etc. 
/etc is the nerve centre of the system. Backing up this directory regularly is 
useful; if problems occur, it saves you a lot of re-configuration. 

> /bin : Contains binaries (sometimes called executables, files that contain 
machine code or compiled source code) for use by all users, the system 
administrator as well as non-privileged users. 

> /sbin : System binaries or programs. It contains binaries to configure the 
operating system. 

> /sys : Specific to the Linux kernel (not part of the FHS), it is used by the kernel 
for exporting data to user space. 

> /dev : Device files are not actually located on the hard disk, but they appear as 
ordinary files. 

> /proc : Special directory that doesn’t take up disk space (and not part of the FHS). 
It is actually managed by the kernel, and is a means to interact with it 
directly. /proc is a proc filesystem. 

> /usr : Unix System Resources. Applications (this directory is further subdivided 
into bin, sbin, lib according to the same logic as in the root directory). 
Furthermore, /usr/share/ contains architecture-independent data. The /usr/local/ 
directory is meant to be used by the administrator for installing applications 
manually without overwriting files handled by the packaging system (dpkg). 

> /var : Contains variable data. Files that are unpredictable in size, such as log 
(like system logging files), cache and spool files, should be located under /var. 

> /lib : Basic libraries. Binaries found in /bin and /sbin often use shared libraries 
located under /lib. 

> /lost+found : Recovered files. Linux should always go through a proper 
shutdown. If the system crashes or the machine shuts down due to power 
failure, either way, a file system check using fsck will be performed at the next 
boot. All corrupted files found will be placed in the lost+found directory, so you 
can attempt to recover as much data as possible. 

> /media : Mount points for removable devices (CD-ROM, USB keys, digital 
cameras and so on). 

> /mnt : Should be empty and should only be used for temporary mount points. 

> /opt : Extra applications provided by third parties. 

> /run : Volatile runtime data that does not persist across reboots (not part of 
FHS). 

> /srv : Data used by servers hosted on this system. The FHS allows locating cvs, 
rsync, ftp and www data in this location. The FHS also approves administrative 
naming in /srv, like /srv/project55/ftp and /srv/sales/www. 

> /tmp : Temporary files (this directory is often emptied at boot). Data stored in 
/tmp may use either disk space or RAM. Never archive or store important data 
under here. 


Repository 

The system retrieves and installs OS updates and applications from storage locations 
called repositories. On Debian-based Linux, they are essentially defined in the file 
“/etc/apt/sources.list”. 


Sources.list Format 


deb        http://http.kali.org/kali   kali-rolling   main non-free contrib 
<Archive>  <Mirror>                    <Branch>       <Component> 


Each repository is a set of software stored on a remote server, used for installing 
and updating software packages on Linux systems. When you run commands such as 
“sudo apt update” or “sudo apt upgrade”, you may be pulling package information and 
package updates from a number of repositories and then installing them. Before 
installing a package with “sudo apt install package_name”, it is better to first run “sudo 
apt update” to get the most recent version. 


Generally, developers of free and open source software contribute strongly by 
uploading their packages to the archive (repository) to be used by everyone. That's 
why the repositories are so rich, with thousands of programs. Standard repositories 
offer a high level of security since the software included is thoroughly tested 
and built to be compatible with a particular distribution and version. Often, you can 
expect the updates to occur with no unexpected "side effects." 
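
The sources.list format above can be checked before running “sudo apt update”. The following is an added example, not part of the original book: it splits each entry into the Archive, Mirror, Branch and Component fields and reports entries that leave the standard, authenticated repositories. The function names, the host allowlist and the second sample entry (repo.example.invalid) are assumptions constructed for illustration; the options trusted and allow-insecure are described in sources.list(5).

```python
from urllib.parse import urlparse

# Options that relax or skip APT's repository authentication (see sources.list(5)).
UNSAFE_OPTIONS = {"trusted": "yes", "allow-insecure": "yes"}


def parse_source_line(line):
    """Split one entry into archive type, options, mirror, branch and components."""
    line = line.split("#", 1)[0].strip()      # drop comments and surrounding blanks
    if not line:
        return None
    fields = line.split()
    archive = fields.pop(0)
    if archive not in ("deb", "deb-src"):
        raise ValueError("unknown archive type: " + archive)
    options = {}
    if fields and fields[0].startswith("["):
        while fields:                          # options may span several tokens: [a=b c=d]
            token = fields.pop(0)
            key, _, value = token.strip("[]").partition("=")
            if key:
                options[key] = value
            if token.endswith("]"):
                break
        else:
            raise ValueError("option block is not closed with ']'")
    if len(fields) < 2:
        raise ValueError("mirror and branch are required")
    mirror, branch, *components = fields
    return {"archive": archive, "options": options, "mirror": mirror,
            "branch": branch, "components": components}


def audit_source(entry, trusted_hosts):
    """Return a list of findings for one parsed entry."""
    findings = []
    for key, bad in UNSAFE_OPTIONS.items():
        if entry["options"].get(key) == bad:
            findings.append("repository authentication relaxed by %s=%s" % (key, bad))
    url = urlparse(entry["mirror"])
    if url.hostname not in trusted_hosts:
        findings.append("mirror host not on the allowlist: %s" % url.hostname)
    if url.scheme == "http":
        findings.append("plain http mirror: integrity rests on the signed Release file only")
    return findings


def audit_sources(text, trusted_hosts):
    """Map line number -> findings for every entry that has at least one finding."""
    report = {}
    for number, line in enumerate(text.splitlines(), 1):
        entry = parse_source_line(line)
        if entry:
            findings = audit_source(entry, trusted_hosts)
            if findings:
                report[number] = findings
    return report


# Constructed sample: the entry shown above plus a hypothetical third-party entry.
SAMPLE_SOURCES = """\
# constructed example of /etc/apt/sources.list
deb http://http.kali.org/kali kali-rolling main non-free contrib
deb [arch=amd64 trusted=yes] https://repo.example.invalid/apt stable main
"""

if __name__ == "__main__":
    for number, findings in audit_sources(SAMPLE_SOURCES, {"http.kali.org"}).items():
        for finding in findings:
            print("line %d: %s" % (number, finding))
```
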


User profiles 


The shell uses a number of startup files that are executed (or rather sourced) 
whenever the shell is invoked. They create a number of preset (and customized) 
aliases, variables, and functions of logged on users. What follows is a mention of shell 
startup scripts. 


=> system profile: /etc/profile 

=> ~/.profile 

=> ~/.bashrc 

=> ~/.bash_logout 

=> /etc/bash.bashrc 


Terminal, console and shell 


In Unix/Linux terminology, the short concept of terminal, console and shell is the 
following: 


> Terminal (= tty) is a text input/output environment (generally, it is a logical entity). 
> Console is a physical terminal. 


> Shell is a command line interpreter like bash, sh. 


Examples of Linux OS 

Examples of Linux OS distributions 

Debian-based systems (.deb) : Debian, Ubuntu, Mint, Kali Linux. 
RPM-based systems (.rpm) : RedHat, Fedora, CentOS. 

Examples of Linux desktop environments 

GNOME, LXDE, KDE, Deepin. 


Linux Administration — The most important commands 


I will briefly show and explain what is available to me: the commands, the installation 
and configuration of different servers, problems and their solutions, and the shortcuts 
that are very common and useful to know in Debian-based Linux and especially 
Kali Linux. 


To simplify our documentation, the command line will begin after the dollar sign “$”. For 
real execution, some commands need “sudo” added at the beginning (after “$”) to 
grant root or superuser permissions (you may need to add it yourself hereafter 
where it isn't shown). If there is a hash sign “#” instead of “$”, that means 
your commands will be executed with root permission; sometimes you should be in this 
mode to execute some commands. If you wish to add a comment to your command 
line, just type “#” and put the comment. Putting “;” after a command 
is used to separate commands. 


Press Ctrl + Alt + t to run the terminal in Ubuntu Linux, or click on Start/Win, type 
“terminal” and press Enter for Kali Linux. (For Ubuntu Linux, we will use the release 
name “Ubuntu 20.04 LTS”, even though it was updated while this book was being written 
to Ubuntu 20.04.2 (20.04.x) LTS.) 


Figure 37: Terminal in Ubuntu 20.04 LTS 


4.2.1 Basic operations 


man ; An interface to the system reference manuals. The use of man pages on 
Unix/Linux can take not only commands but also: daemons (background programs), 
configfile (configuration files), maybe more. 


To find out manual or help about the command, type: 

$ man command_name 

To show the list of man pages containing a string “new user”, type: 
$ man -k "new user" 

Other help 


$ command_name --help 
$ command_name -h 
$ info command_name 


sudo, sudoedit ; Execute a command as another user. Some commands need to be 
executed as root user, thus we type sudo command and then the specified command, 
press enter, and type the password of the root user. 


kalikal@kali:~$ sudo command_name 

To get a root user and execute the commands as root role type: 
kalikal@kali:~$ sudo su 

[sudo] password for kalikal: 

root@kali:/home/kalikal# 

Or: 

$ sudo -i 


The two prompts above show the usernames “kalikal” and “root” and the 
hostname “kali”, in the form: username@hostname. 


echo ; This command displays a line of text/string on standard output or a file. It is very 
common command in script programming and batch file. 


Use the option ‘\v’ (vertical tab) with the backslash-escape interpreter ‘-e’ to have vertical tab spaces: 
$ echo -e 'Here \vthe \vspaces \vhave \vvertical \vtab \vspaces.' 

uname ; Print system information. 


$ uname -a ; Print all information, in the following order, except omit -p and -i if 
unknown. 


$ uname -a; cat /etc/*ele* /etc/issue ; To find Kali linux version and other system 
information. 


whoami ; Print effective userid. Determine the current user account. 


kalikal@kali:~$ whoami 
kalikal 


One other way to get the username is by echoing the $USER environment variable. 

kalikal@kali:~$ echo $USER 
kalikal 


hostnamectl ; Control the system hostname. 


$ hostnamectl ; List system information (Static hostname, Icon name, Chassis, Machine 
ID, Boot ID, Operating System, Kernel, Architecture). 


To change the hostname, type: 
$ sudo hostnamectl set-hostname newkali 


(You can also change it by editing the hosts and hostname files: “/etc/hosts” and 
“/etc/hostname”) 


w ; Show who is logged on and what they are doing. 
who ; Show who is logged on. 
pwd ; print name of current/working directory, 


kalikal@kali:~$ pwd 
/home/kalikal 


ls ; List directory contents. 
The system directories (all paths) exist under the path “/”: 


kalikal@kali:~$ ls / 
bin dev home initrd.img.old lib32 libx32 media opt root sbin sys usr vmlinuz 
boot etc initrd.img lib lib64 lost+found mnt proc run srv tmp var vmlinuz.old 


Note: pay attention when using root user in this path for modifying or removing any 
directory. 


Home contents exist in this path “/home/kalikal” for user kalikal. 


kalikal@kali:~$ ls 
Desktop Documents Downloads Dropbox Music Pictures Public Templates Videos 
'VirtualBox Vms' 


List readable and hidden (beginning with a dot “.”) directories/files with other information in 
the current directory (/home/kalikal): 


kalikal@kali:~$ ls -la 


-a : do not ignore entries starting with “.”. 
-l : use a long listing format. 

To list all the files/directories, showing and sorting by access time, type: 
kalikal@kali:~$ ls -ltua 


To list all the files ending with one of several file extensions (e.g. all with .txt and .c 
extensions in the home directory), type: 


$ ls -l /home/kalikal/*.{txt,c} 

Including subdirectories (recursively) in home directory, type: 

$ find /home/kalikal -iname '*.txt' -or -iname '*.c' 

dir ; Almost the same command as ls. 

tree ; List contents of directories in a tree-like format. 

nautilus ; File manager for GNOME. 

kalikal@kali:~$ nautilus . ; To explore the current directory in GUI mode. 
ranger ; Console file manager. 

To install the package, type: 

$ sudo apt install ranger 

Then, to run it, type: (you can use your mouse for a fast selection) 
$ sudo ranger 

xdg-open ; opens a file or URL in the user's preferred application. 
Open a file: 


kalikal@kali:~$ xdg-open file2.c 


Open an URL: 
kalikal@kali:~$ xdg-open https://www.shareforshow.com 
Browser 


$ firefox ; To open firefox web browser. 


$ firefox file:///home/kalikal/ ; Open a user home directory to explore it in Firefox web 
browser. 


$ firefox https://www.shareforshow.com ; Open a website in Firefox web browser. 


links ; Lynx-like alternative character mode WWW browser. It can handle local (file://) 
or remote (http:// or ftp://) URLs. 


$ sudo apt install links ; To install it. 
$ links file:///home/kalikal/ ; Open a user home directory to explore on the terminal. 


$ links https://www.shareforshow.com ; Open a website on the terminal. 


./ ; To execute an executable program, such as one with an extension “.elf” or without. 


kalikal@kali:~$ ./file3 
Hello Reader 


source ; Execute commands from a file in the current shell. 
$ source file_name [arguments] 

& ; Start a job in the Background. 

$ sudo command_name & 

wine/win64 ; Run Windows programs on Unix/Linux. 

clear ; Make the screen of terminal clear. 

$ clear 

mkdir ; Make directories, to create a folder type mkdir newfolder 
kalikal@kali:~$ mkdir newfolder 

cd ; Change the shell working directory. 

kalikal@kali:~$ cd newfolder 

touch ; Change file timestamps. 

To create a c file type: 

kalikal@kali:~/newfolder$ touch file1.c 

If you want to create 2 files, type: 

$ touch file1.c file3.c 


nano ; Text editor. 
Example: 


Type the following code, save and close it by pressing “Ctrl + x”, type: y (for yes) and 
press Enter: 


kalikal@kali:~$ nano file3.c 

#include <stdio.h> 

int main() { 

/* comment: Program to print the sentence: Hello reader */ 
printf("Hello Reader\n"); 

} 


kalikal@kali:~$ gcc -o file3 file3.c ; Compile the program. 
kalikal@kali:~$ ./file3 ; Execute the program. 
Hello Reader ; Result. 


ln ; Make links between files. 
kalikal@kali:~$ ln -s file3 link_file3 ; -s to make symbolic links instead of hard links. 


wc ; Stands for Word Count, it prints newline, word, and byte counts for each specified 
file. 


kalikal@kali:~$ wc file3.c -l ; -l to print the newline counts. 
5 file3.c 


type ; Display the information about a command type. It finds out whether a command 
given to the shell will be executed as an external command or as a builtin command, 
also use it to show whether the command is aliased or not. 


For example: 


kalikal@kali:~$ type ls 
ls is aliased to `ls --color=auto' 


$ type source 
source is a shell builtin 


$ type dir 
dir is /usr/bin/dir 


Some commands have both builtin and external versions: 


$ type -a echo 
echo is a shell builtin 
echo is /usr/bin/echo 
echo is /bin/echo 


Because the builtin version takes priority, to run the external version, you must enter 
the full path to the command: 


$ /bin/echo Running the external echo command... 
Running the external echo command... 


cat ; Concatenate files and print on the standard output. 

kalikal@kali:~$ cat file3.c ; Print “file3.c” file contents on the standard output. 
more ; Print file contents with the display of reading percentage(0 - 100%). 

less ; Print file contents. 

head ; Print the first part of files, the first 10 lines of each FILE to standard output. 
tail ; Print the last part of files, the last 10 lines of each FILE to standard output. 
mv ; move and rename files, 

To rename it, type: 

kalikal@kali:~/newfolder$ mv file1.c file2.c 

To move it to destination (path) “/home/kalikal” , just type: 
kalikal@kali:~/newfolder$ mv file3.c /home/kalikal 

cp ; Copy files and directories. 

Copy “file2.c” file to destination(path) /home/kalikal, 

kalikal@kali:~/newfolder$ cp file2.c /home/kalikal 


rm ; Remove files or directories, after displaying what we have from files and folders 
we remove the file as following: 


kalikal@kali:~/newfolder$ ls 
file2.c 


kalikal@kali:~/newfolder$ rm file2.c 


To remove our folder, type: 

kalikal@kali:~/newfolder$ cd .. 

kalikal@kali:~$ rm -r newfolder/ ; -r: remove directories and their contents recursively. 
Adding -f forces the removal operation even for files which aren't writable. 

shred ; Overwrite the specified file to hide its contents, and optionally delete it. 

$ shred -uvz file2.c 


It will randomly overwrite “file2.c” 3 times by default. Adding the flag “z” will overwrite 
the file by zero at the end of overwriting process. By adding -n 5, it will overwrite 6 
times including the last overwrite of zeros. 


-u ; Deallocate and remove file after overwriting. 

-v ; Show progress. 

-z ; Add a final overwriting with zeros to hide shredding. 
Recursively erase the files in the folder: 

$ find Directory/ -type f -exec shred -uvz {} \; 

To erase the drive (here, “/dev/sdb” is the usb device), type: 
$ sudo shred -uvz /dev/sdb -n 1 

To see the contents, type: 

$ sudo hexedit /dev/sdb 


Note (See command help): Delete FILE(s) if --remove (-u) is specified. The default is 
not to remove the files because it is common to operate on device files like /dev/hda, 
and those files usually should not be removed. 


sleep ; Delay for a particular amount of time. It helps to delay the execution. By default 
it takes time by second, adding a suffix s (Second, is same here as default), m 
(minute), h (hour), or d (day) at the end is for another delay time. 


$ sleep --version 
sleep (GNU coreutils) 8.32 
Copyright (C) 2020 Free Software Foundation, Inc. 


$ sleep 5 ; Timeout is 5 seconds 
$ sleep 1m ; Timeout is 1 minute 


alias ; alias defines a simple short name for a command or a set of commands, to avoid 
retyping them. 


The default aliases defined for my user are: 


$ alias 
alias ls='ls --color=auto' 


As we see, ls is equivalent to running ls --color=auto 

The format for creating an alias is: 

alias abbrev-name="your command here" 

$ alias wrd="cd /var/www/html" 

wrd is used to be a shortcut to go to the webroot directory. 


kalikal@kali:~$ wrd 
kalikal@kali:/var/www/html$ 


To create permanent alias: 
Append the following line, for example, to the “.bashrc” file: 


$ nano ~/.bashrc 


alias wrd="cd /var/www/html" 


And If you want to use this alias in the current session, reload the user’s shell 
configuration profile file: 


$ source ~/.bashrc 

bc ; Calculator. 


$ bc 

bc 1.07.1 

Copyright 1991-1994, 1997, 1998, 2000, 2004, 2006, 2008, 2012-2017 Free Software 
Foundation, Inc. 

This is free software with ABSOLUTELY NO WARRANTY. 

For details type ‘warranty’. 

BFS 
quit 
Playing video and audio files 
Install VLC program: 


$ sudo apt update 
$ sudo apt install vlc 


Launch in GUI mode: 

$ vlc 

Play an mp3 or aac file (audio only) in the terminal: 

$ nvlc file.mp3 

Play mp3 or aac file with other program: 

$ ffplay file.mp3 

Convert .mp3 to .aac file 

Convert one file: 

$ ffmpeg -i file.mp3 file.aac 

Convert set of files: 

$ for file in *.mp3; do ffmpeg -i "$file" "${file%.mp3}.aac"; done 
eject ; Eject removable media. 

Printing documents 

To install and configure a printer, type 

$ sudo apt install cups 

cups ; A standards-based, open source printing system. 

$ sudo service cups start 

$ firefox http://127.0.0.1:631 ; Open the CUPS printer interface in the web browser. 
File and text processing 

file ; Determine file type. 


Check the version of file utility, 
kalikal@kali:~$ file -v 
file-5.38 
magic file from /etc/magic:/usr/share/misc/magic 


Simple Check, 

kalikal@kali:~$ file Desktop 

Desktop: directory 

Read block or character special files, 

$ sudo file -s /dev/sda 

sum ; checksum and count the blocks in a file 


$ sum file4.c 
00542 1 


Searching 
Search all files dated “Jan 7”: 
kalikal@kali:~$ ls -ltrR | grep "Jan  7" ; ls pads single-digit days, hence the two spaces. 


grep, egrep, fgrep, rgrep ; Print lines that match patterns. To search for “file” in the 
path /home/kalikal, type: 


kalikal@kali:~$ ls /home/kalikal | grep file 
file2.c 
file3.c 


locate ; Find files by name. 


kalikal@kali:~$ locate file3.c 
/home/kalikal/file3.c 
/home/kalikal/link_file3.c 


whereis ; Locate the binary, source, and manual page files for a command. 


kalikal@kali:~$ whereis locate 
locate: /usr/bin/locate /usr/share/man/man1/locate.1.gz 
find ; Search for files in a directory hierarchy. 


To find multiple files of a kind, such as .c, .mp3 or .txt, in the current working directory, type: 


kalikal@kali:~$ find . -type f -name "*.c" 
To find them in all system directories, write “/” instead of “.”, as follows: 
kalikal@kali:~$ sudo find / -type f -name "*.c" ; Change the path to narrow the search. 
Find all c files whose name is “file2.c” in a current working directory, 


kalikal@kali:~$ find . -type f -name file2.c 
./file2.c 


Find all the files whose name is “file2.c”, whether written with capital or small letters, in 
the “/home/” directory. 


kalikal@kali:~$ find /home/ -iname file2.c 
/home/kalikal/File2.c 
/home/kalikal/file2.c 

To find and remove multiple files such as “.txt” in the current working directory, use: 
kalikal@kali:~$ find . -type f -name "*.txt" -exec rm -f {} \; 

To find all empty directories under a certain path, type: 

kalikal@kali:~$ sudo find /tmp -type d -empty 

To find all empty files under a certain path, type: 

kalikal@kali:~$ sudo find /tmp -type f -empty 

To find all 50MB files, type: 

kalikal@kali:~$ sudo find / -size 50M 

To find all the files which are greater than 50MB and less than 100MB, type: 
kalikal@kali:~$ sudo find / -size +50M -size -100M 

To find all the files which are modified 30 days back, type: 

kalikal@kali:~$ sudo find / -mtime 30 


sed ; Stream editor for filtering and transforming text. Thus the sed command is useful 
for deleting and modifying text in files. 


Create a “testfile” file with the following information: 
$ cat > testfile 


First car is fast 
Second car is slow 

Replace “car” by “train” in every line: 

$ sed 's/car/train/g' testfile 

Use sed -i to edit the file in place, i.e. to save the result of the last operation to the file: 
$ sed -i 's/car/train/g' testfile 

Other delimiters may be used: 

$ sed -i 's+car+train+g' testfile 

$ sed -i 's_car_train_g' testfile 

Or add the I option of GNU sed for a case-insensitive search: 
$ sed -i 's/car/train/gI' testfile 

$ sed -i 's_car_train_gI' testfile 

Replace a string with a variable in every line: 


$ var=boat 
$ sed -i "s/train/$var/g" testfile 


Delete the first word from every line: 
$ sed 's/\w*//' testfile 

Delete the last word from every line: 
$ sed 's/\w*$//' testfile 

Delete line number “n”: 

$ sed 'nd' testfile 


$ sed '1d' testfile 
Second car is slow 


Delete a range of lines “m,n”: 
$ sed 'm,nd' testfile 


$ sed '1,2d' testfile 
(empty) 
Delete the last line: 
$ sed '$d' testfile 
Delete lines containing a given pattern “slow” (even one char): 


$ sed '/slow/d' testfile 
First car is fast 


Delete only the first line that contains a given pattern (even one char): 


$ sed '0,/Sec/{//d;}' testfile 
First car is fast 


Delete the first matched word (even one char): 

$ sed '0,/car/ s///' testfile 

Append a line after the “nth” line using the line number (add -i to save the change): 
$ sed 'n a <add-here-the-line>' testfile 

$ sed -i '2 a Third car is moderate' testfile 

Append a line at the end (after last line): 

$ sed '$a fourth car is moderate' testfile 

Append the line after the line where pattern match is found: 
$ sed '/Pattern/ a <add-here-the-line>' testfile 

Insert a line before “nth” line using the line number: 

$ sed 'n i <add-here-the-line>' testfile 

Insert the line before every line where pattern match is found: 
$ sed '/Pattern/ i <add-here-the-line>' testfile 

Files Compression 

tar ; An archiving utility. 


$ tar -cvf Der.tar Directory/ ; Create a new archive “Der.tar” of the folder/directory 
“Directory/” and its files. 


$ tar -tvf Der.tar ; List the contents of the archive “Der.tar” 
$ tar -xvf Der.tar ; Extract files from the archive “Der.tar”. If a directory "Directory/" 
with the same name as the one contained in the archive ("Der.tar: Directory/files", as in 
our example) already exists, the extracted one replaces it and takes its original name as a 
newly created directory. 


$ tar -rvf Der.tar file8 ; Append the “file8” to the end of the archive “Der.tar” 
$ tar --delete -vf Der.tar file8 ; Delete “file8” from the archive “Der.tar” 
-c or --create ; Create/compress a new archive. 

-v or --verbose ; verbosely list files processed 

-f or --file=ARCHIVE ; Use archive file or device ARCHIVE 

-t or --list ; List the contents of an archive. 

-x or --extract or --get ; Extract/uncompress files from an archive. 
-r or --append ; Append/insert files to the end of an archive. 
--delete ; Delete from the archive. 

One-line loop to extract a set of compressed files: 

$ for f in *.tar.gz; do tar xzf "$f"; done 

zip ; Package and compress (archive) files. 

$ zip file_zip.zip file8 


$ zip -r Der_zip.zip Directory/ ; Adding recursively the folder/directory “Directory/” with 
its files to “Der_zip.zip” archive/zip file. 


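To apply a password when adding files to a zip file, type: 
$ zip --password "MyPassWOrd." -r Der_zip.zip Directory/ ; A password given on the command 
line is visible in the shell history and the process list; zip -e prompts for it instead. 
To extract it, type: 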


$ unzip Der_zip.zip 
4.2.2 AWK Programming 


awk ; (Stands for the initials of its designers “Aho, Weinberger, and Kernighan”) is a 
scripting language (an interpreted programming language) whose basic function 
is to search files for lines (or other units of text) that contain certain patterns. awk 
programs are data driven, i.e. you describe the data you want to work with and then 
what to do when you find it. nawk is a newer version of awk, and gawk is GNU awk. 


Formats: 
=> Format for a command line: 
$ awk 'program' input-file1 input-file2 ... 
You can run awk without input files: 
$ awk 'program' 
=> Format for executing an awk script file: put the program in the file and run it with: 
$ awk -f program-file input-file1 input-file2 ... 
You can likewise run an awk script without input files: 
$ awk -f program-file 
Print a simple message: 


$ awk 'BEGIN { print "Hello world! Let\47s get ready!" }' 
Hello world! Let's get ready! 


With awk script “program-file”: 

#! /bin/awk -f 

BEGIN { print "Hello world! Let\47s get ready!" } 
To execute it, type: 

$ awk -f program-file 

Or: 


$ chmod +x program-file 
$ ./program-file 
Hello world! Let's get ready! 
Create a text file “student.txt” and fill it out with some information. To save, finish with 
Ctrl+d (the same action as the command cat with: cat > student.txt): 


$ awk '{ print }' > student.txt 
ID: Name: Field: 
0001 Kader IT 
0002 Sami Mechanics 
0003 Meriam Medicine 


To print the file (like the command cat with: cat student.txt), type: 
$ awk '{ print }' student.txt 

Or with: 

$ awk '{print $0}' student.txt 

To print the second column ($2) and the third ($3), type: 

$ awk '{print $2 "\t" $3}' student.txt 


Name: Field: 
Kader IT 
Sami Mechanics 
Meriam Medicine 
Append other line to the file: 


$ awk '{ print }' >> student.txt 
0004 Adam IT 


Displaying fields 


The “/etc/passwd” file contains 7 columns separated with colons “:” such as the 
following output: 


$ awk '{ print }' /etc/passwd 
root:x:0:0:root:/root:/bin/bash 


Each column (field) has the following information: 
=> 1. Username. ($1) 
=> 2. Encrypted password (x means that the password is stored in the 
“/etc/shadow” file). ($2) 
=> 3. UID (User ID number). ($3) 
=> 4. GID (User’s group ID number). ($4) 
=> 5. Full name of the user (GECOS). ($5) 
=> 6. User home directory. ($6) 
=> 7. Login shell (defaults to /bin/bash). ($7) 
Where $1 is the first column which indicates the system usernames. 
$ awk -F: '{ print $1 }' /etc/passwd 
Where $6 is the sixth column, which indicates the user home directory. 
$ awk -F: '{ print $6 }' /etc/passwd 
Print the lines which match the given pattern “IT”: 


$ awk '/IT/ {print}' student.txt 
0001 Kader IT 
0004 Adam IT 


Counting the lines: 


$ awk '{ i++ } END { print "count is: "i }' student.txt 
count is: 5 


Sum of numbers: 
Add some numbers to a file “sum-file” 


$ awk '{ print }' > sum-file 
5 
6 
9 


awk sum command line: 


$ awk '{ sum += $1 }; END { print sum }' sum-file 
20 


Delete lines with a given word “slow” (using the last file “testfile” from the sed commands): 


$ awk '!/slow/' testfile > tmpfile && mv tmpfile testfile 




4.2.3 System 


Getting the system's hardware information 

1. 

$ sudo dmidecode -t keyword 

Change the keyword to get desired information from one of the following: 


bios, system (example of output: Manufacturer, Product Name, Serial Number of the 
computer), baseboard, chassis, processor, memory, cache, connector, slot. 


2. 

$ cat /proc/cpuinfo ; Display CPU data. 

$ cat /proc/stat ; Display CPU data. 

$ cat /proc/meminfo ; Display Memory data. 
$ cat /proc/diskstats ; Display Disks data. 

$ cat /proc/net/dev ; Display Network data. 
Show information about your display 
$ xrandr -q 

System monitor 


$ gnome-system-monitor ; Run the integrated application in GUI mode for System 
monitoring. 


Or with sysmon, 

$ sudo apt install python3-pip ; To install pip3. 

$ pip3 install sysmon ; To install the application. 

$ sysmon 

uptime ; Tell how long the system has been running. 

ps ; Display information about a selection of the active processes. 
$ ps -ef ; To see every process on the system. 


Or with: 
$ ps axu 

$ ps axjf ; To print a process tree. 

$ ps axms ; To get info about threads. 
$ ps axZ ; To get security information. 


$ ps -U root -u root u ; To see every process running as root (real & effective ID) in user 
format. 


tty ; Print the file name of the terminal connected to the standard input. 


By default there are 7 tty sessions (there may be fewer or more in some Linux 
distributions). To print the current tty, type: 


$ tty 
/dev/pts/2 


Here, however, it shows that our session is on a pts and not on a tty. To list and find 
out information about running tty sessions, type: 


$ ps aux | grep tty 

To switch to another tty session, for example number 4, type: 
$ sudo chvt 4 

After login as root user, we type tty: 


root@kali:~# tty 
/dev/tty4 


Now we have the tty session number. 
To switch back, if your GUI session is logged in on tty2, type: 
root@kali:~# chvt 2 


As we have noticed, the output shows “/dev/tty?” and “/dev/pts/?”, so let us 
explain the difference in brief. The difference lies in the type of connection to the 
computer. TTY (text input/output environment) originally stands for TeleTYpewriter and now 
also means any terminal on Linux/Unix systems. It also means any serial port on 
Unix/Linux systems. Thus, TTY ports are direct connections to the computer such as a 
keyboard/mouse, whereas PTS (pseudo terminal slave) is the slave part of a pty, and a pty 
(pseudo terminal device) is a terminal device which is emulated by another program 
(for example xterm, screen, or ssh). 


top ; Display Linux processes. 
$ top -u root ; Show only the processes of a given user, here is root. 


To kill a process, hit the k key while the top command is running, type the 
PID (Process IDentification) of the process you want to kill, as shown in the list of 
processes, and hit enter. 


To renice a process (change the priority of a process for execution), hit the r key 
while the top command is running (with sudo: $ sudo top), type the PID 
you want to renice and give the value. The nice value of a process ranges 
between -20 (highest priority) and +19 (lowest priority); the default value is 0. 
The CPU (processor) executes the processes depending on the nice value of each process 
(this process priority only controls how much CPU time each process is allocated. 
There is another priority called real-time priority, which goes from 1 to 99, with 100 to 
139 dedicated to user-space). A lower value means a higher priority, i.e. the process 
will be executed more often. Otherwise the process will 
be executed less often. 


After renicing the process firefox-esr with PID 2313 from 0 to -19, following the method 
given above, we verify the process priority: 


$ ps -o pid,comm,nice -p 2313 
PID COMMAND NI 
2313 firefox-esr -19 


Exit top command automatically after n refreshes: 

$ top -n3 

htop ; Interactive process viewer. 

$ htop -t ; Show processes in tree view. 

$ htop -u root ; Show only the processes of a given user, here is root. 
dmesg ; Print or control the kernel ring buffer. 

$ dmesg 


lsmod ; Show the status of modules in the Linux Kernel. 
$ lsmod 

insmod ; insert a module into the Linux Kernel 

$ sudo insmod module_name 

rmmod ; remove a module from the Linux Kernel 

$ sudo rmmod module_name 

modprobe ; Add and remove modules from the Linux Kernel. 
Example of solution for Touchpad, tap to click problem. 


kalikal@kali:~$ sudo modprobe -r psmouse ; remove psmouse module from the kernel 
kalikal@kali:~$ sudo modprobe psmouse proto=imps 
kalikal@kali:~$ sudo modprobe psmouse 


In other cases you will find that tap to click is disabled by default; to enable it we 
use the gsettings command. 


gsettings ; Offer a simple commandline interface to GSettings. It lets you get, set or 
monitor an individual key for changes. 


$ gsettings list-recursively org.gnome.desktop.peripherals.touchpad ; To show current 
settings of Touchpad. 


org.gnome.desktop.peripherals.touchpad tap-to-click false 


The output shows it with false value, to enable it type: 
$ gsettings set org.gnome.desktop.peripherals.touchpad tap-to-click true 


Systemd, init ; Systemd system and service manager. init Sends control commands to 
the init daemon. 


$ init 0 ; Shut down the system/machine. 
6 ; Reboot the machine. 

2, 3, 4, 5 ; Start runlevelX.target unit. 

1, s, S ; Enter rescue mode. 


q, Q ; Reload init daemon configuration. 




u, U ; Reexecute init daemon. 
journalctl ; Query the systemd journal. 


$ sudo journalctl -u ssh ; -u: Show messages for the specified systemd unit UNIT (Such 
as a service unit, in our example is the SSH service), or for any of the units matched by 
PATTERN. 


$ sudo journalctl -a ; -a: Show all fields in full. 


Systemd is a system and service manager for Linux. Systemd runs as a daemon 
with PID 1 (when run as the first process on boot); it acts as an init system that brings up 
and maintains userspace services. Separate instances are started for logged-in users 
to start their services. Systemd can be queried and controlled by systemctl. Systemd 
has many features such as: 


=> Offers on-demand starting of daemons. 
=> Provides aggressive parallelization capabilities. 
=> Maintains mount and automount points. 


A daemon (background process) is a type of program on Unix/Linux operating 
systems that runs unobtrusively in the background and often starts on boot, rather than 
under the direct control of a user, waiting to be activated by the occurrence of a 
specific event or condition. Almost all daemons end with the letter “d” in their names, for 
example sshd, which handles SSH, the secure remote access connections. The 
directory “/etc/init.d” contains the shell scripts which are used to start and stop 
daemons. 


systemctl ; Control the systemd system and service manager. 
$ systemctl ; List of all loaded systemd units including services. 
$ systemctl --failed ; List failed units. 

$ systemctl list-unit-files ; List installed unit files. 

To list all loaded services of the System, type: 

$ systemctl list-units --type=service 

Or: 


$ systemctl --type=service 
To list all loaded and active services, both running and those that have exited, type: 
$ systemctl list-units --type=service --state=active 

Or: 

$ systemctl --type=service --state=active 

To list all loaded and actively running services, type: 

$ systemctl list-units --type=service --state=running 

Or: 

$ systemctl --type=service --state=running 

Other useful operations 

$ sudo systemctl daemon-reload ; Reload systemd manager configuration. 

$ sudo systemctl start nginx ; Start (activate) one unit “nginx” : The Web Server. 

$ sudo systemctl reload nginx ; Reload nginx service. 

$ sudo systemctl status nginx ; Status of nginx service. 

$ sudo systemctl restart nginx ; Restart nginx service. 

$ sudo systemctl stop nginx ; Stop nginx service. 

$ sudo systemctl kill nginx ; Kill nginx service with sending a signal to its processes. 


service ; Run a System V init script or systemd unit in as predictable environment as 
possible, removing most environment variables and with the current working directory 
set to /. 


$ service --status-all 

$ sudo service service_name start 
$ service service_name status 

$ sudo service service_name restart 
$ sudo service service_name stop 


lsof ; “LiSt Open Files” is used to find out which files are open by which process. 
$ lsof ; List all open files. It displays the columns: COMMAND, PID, TID (Task 
(Thread) IDentification number. A blank TID column in Linux indicates a process, i.e. 
a non-task), TASKCMD (Task Command name), USER, FD (File Descriptor), TYPE, 
DEVICE, SIZE/OFF, NODE, NAME. 


$ sudo lsof ; With “sudo”, to list all open files corresponding to all users. 


$ lsof -i tcp:443 ; Filter by port number to find all the running processes using a specific 
port. 


If the process is not found, it either does not exist or it exists but the 
command needs “sudo” to be granted the privilege: 


$ sudo lsof -i tcp:443 


$ lsof -u User ; List by USER. Change “User” to root or whichever user you want to 
list. 


$ lsof -i 4 ; List only the TYPE IPv4, or IPv6 when we put 6 instead of 4. 


$ sudo lsof -p 1 ; Search by PID, showing the files opened by the process whose PID is 1. 
kill ; Send a signal to a process. 
$ kill -L ; List signal names. 


$ kill -l 9 ; Translate number 9 into a signal name. 
KILL 


$ kill -9 -1 ; Kill all processes you can kill. 


$ sudo kill -9 `lsof -t -u kalikal` ; Kill all the processes of a specific user. For example, 
here the user is kalikal, and -t is used to list only the PIDs. 


id ; Print real and effective user and group IDs. 

$ id -un ; Display only an effective user name. You get it also with: 
$ echo $USER 

$ id -gn ; Display only an effective group name. 

adduser ; Add a user to the system. 


$ sudo adduser newuser 
Add the user to the sudo group so that it can run commands with superuser privileges: 

$ sudo usermod -aG sudo newuser 

addgroup ; Add a group to the system. 

passwd ; Change user password. 

$ sudo passwd newuser 

Find users 

$ cat /etc/passwd ; List the Local users information. 

$ awk -F: '{ print $1}' /etc/passwd ; List only usernames located in the first field of the file. 
To list all normal users in your system, type: 


$ getent passwd {1000..60000} ; Each user has a numeric user ID called UID. 1000 
and 60000 are the values of UID_MIN and UID_MAX on your system: 


kalikal@kali:~$ grep -E '^UID_MIN|^UID_MAX' /etc/login.defs 


UID_MIN 1000 
UID_MAX 60000 
Or: 


$ eval getent passwd {$(awk '/^UID_MIN/ {print $2}' /etc/login.defs)..$(awk '/^UID_MAX/ {print $2}' /etc/login.defs)} 
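
The same user listing can be done in one pass over the passwd file with awk, using the fields described earlier. This is an added example, not part of the original text: the function names and both sample files are constructed, and it reads only a local passwd file, whereas getent also queries other account sources.

```shell
#!/bin/sh
# Added example, not from the book. The two sample files are constructed.

# uid_bounds LOGINDEFS -> prints "MIN MAX" read from UID_MIN and UID_MAX.
# Comparing the whole first field keeps SYS_UID_MIN, SUB_UID_MIN and
# commented-out lines from being picked up, which a bare /UID_MIN/ would do.
uid_bounds() {
    awk '$1 == "UID_MIN" { min = $2 }
         $1 == "UID_MAX" { max = $2 }
         END { if (min == "" || max == "") exit 1; print min, max }' "$1"
}

# normal_users PASSWD LOGINDEFS -> "name:uid:shell" for each account whose
# UID (field 3) lies within [UID_MIN, UID_MAX].
normal_users() {
    bounds=$(uid_bounds "$2") || return 1
    awk -F: -v min="${bounds% *}" -v max="${bounds#* }" \
        '$3 ~ /^[0-9]+$/ && $3 + 0 >= min + 0 && $3 + 0 <= max + 0 {
             print $1 ":" $3 ":" $7
         }' "$1"
}

# uid0_accounts PASSWD -> every account name with UID 0. Any name other
# than root in this list is a second superuser account.
uid0_accounts() {
    awk -F: '$3 ~ /^[0-9]+$/ && $3 + 0 == 0 { print $1 }' "$1"
}

# write_samples DIR -> creates constructed passwd and login.defs files.
write_samples() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
sshd:x:105:65534::/run/sshd:/usr/sbin/nologin
kalikal:x:1000:1000:Kalikal,,,:/home/kalikal:/bin/bash
newuser:x:1001:1001:,,,:/home/newuser:/bin/bash
toor:x:0:0::/root:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
EOF
    cat > "$1/login.defs" <<'EOF'
# constructed excerpt of a login.defs file
#SYS_UID_MIN      100
SYS_UID_MAX       999
UID_MIN          1000
UID_MAX         60000
SUB_UID_MIN    100000
EOF
}

# Demonstration on the constructed files.
demo_dir=$(mktemp -d)
write_samples "$demo_dir"
echo "UID range: $(uid_bounds "$demo_dir/login.defs")"
echo "Normal users:"
normal_users "$demo_dir/passwd" "$demo_dir/login.defs"
echo "UID 0 accounts:"
uid0_accounts "$demo_dir/passwd"
rm -rf "$demo_dir"
```

On a real system, call the functions with /etc/passwd and /etc/login.defs as arguments.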


deluser ; Remove a user from the system. 

$ sudo deluser newuser 

delgroup ; Remove a user or a group from the system. 

Date 

date ; Print or set the system date and time. 

kalikal@kali:~$ sudo date -s "16:59" 

-s ; Set time described by STRING. 

timedatectl ; Control the system time and date. 

timedatectl ; Display the current settings by printing time, date and other information. 


timedatectl set-time 'YYYY-MM-DD HH:MM:SS' ; Set the time and date at once. 
timedatectl set-time HH:MM:SS ; Set the time. 

timedatectl set-time YYYY-MM-DD ; Set the date. 

You can also change the timezone as follows: 

timedatectl list-timezones ; List the available timezones. 

timedatectl set-timezone 'Your_NewTimeZone' ; Select a time zone. 

You can also configure the timezone with another command, as follows: 
$ sudo dpkg-reconfigure tzdata 

cal/ncal ; Display a calendar and the date of Easter. 

Language 

1. Change system language: 

To check the current system language, type: 

$ sudo env|grep LANG 

And then switch it with: 

$ sudo dpkg-reconfigure locales 

Log out or reboot the system for the change to take effect. 

2. Change text language: 

$ setxkbmap us ; To English. 

$ setxkbmap de ; To German. 

$ setxkbmap ru ; To Russian. 

$ setxkbmap ar ; To Arabic. 

If it doesn’t work properly, do that with the gsettings command: 

$ gsettings set org.gnome.desktop.input-sources sources "[('xkb', 'us')]" ; To English. 
$ gsettings set org.gnome.desktop.input-sources sources "[('xkb', 'de')]" ; To German. 
$ gsettings set org.gnome.desktop.input-sources sources "[('xkb', 'ru')]" ; To Russian. 
$ gsettings set org.gnome.desktop.input-sources sources "[('xkb', 'ara')]" ; To Arabic. 
3. Adding languages: 


We will modify the input sources of keyboard layouts to be four languages (English, 
Russian, German, Arabic). 


$ gsettings set org.gnome.desktop.input-sources sources "[('xkb', 'us'), ('xkb', 'ru'), ('xkb', 'de'), ('xkb', 'ara')]" 


Start a new session 
exec ; Execute a file. 
$ exec startkde ; Start a new KDE session, if KDE interface is installed on your system. 


$ exec gnome-session ; Start a new GNOME session. 


4.2.4 Remote operations 


rdesktop ; Remote Desktop Protocol client to open a window of the remote machine. 
$ rdesktop ip_address -f ; -f for fullscreen mode. 

Ctrl + Alt + Enter ; Cancel full screen. 

ssh ; OpenSSH remote login client. To open a secure shell of the remote machine. 


$ ssh root@ip_address ; Get root user account of the remote machine. Adding: -p 
port_number, if the connected port is not the default port number 22. 


$ ssh -X root@ip_address ; Here, you can execute GUI applications of the remote 
machine and display them on your local machine. 


-X ; Enables X11 forwarding. 

Configure SSH Server to accept a connection from ssh client 

To allow SSH client to log in to a remote Server, we take the following steps: 
Edit the file sshd_config and add the following parameter: 

$ sudo nano /etc/ssh/sshd_config 

PermitRootLogin yes 

Save and close the file (Ctrl+x, type: y). 


To unlock the root user's password: 
$ sudo usermod -U root 

Open SSH port on the Firewall (ufw) for our remote Server: 

$ sudo ufw allow 22 

Start the SSH Server: 

$ sudo service ssh start 

Login securely to remote Server (Ubuntu 20.04 LTS) without a password 


kalikal@kali:~$ ssh-keygen 

Generating public/private rsa key pair. 

Enter file in which to save the key (/home/kalikal/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in /home/kalikal/.ssh/id_rsa 
Your public key has been saved in /home/kalikal/.ssh/id_rsa.pub 
The key fingerprint is: 
SHA256:A/rIsxHpQILGdXr4xdt3CYQMBkytKIqKhH9RL1RUU7o kalikal@kali 
The key's randomart image is: 

[randomart image, RSA 3072 / SHA256, not reproduced] 


Copy the SSH public key to the remote Server 


The file authorized_keys will be created in the directory “.ssh” 
(/home/ubunt/.ssh/authorized_keys) and will be updated with the content of the 
generated file “id_rsa.pub”. 


Copying can be done as follows: 
$ cat .ssh/id_rsa.pub | ssh ubunt@192.168.0.101 'cat >> .ssh/authorized_keys' ; The redirect 
symbol “>>” appends the content instead of overwriting, thus keeping other keys if 
they exist. 


If the “.ssh” directory doesn’t exist on the remote Server, create it within the same 
command: 


$ cat ~/.ssh/id_rsa.pub | ssh ubunt@192.168.0.101 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys' 


Or: 


kalikal@kali:~$ ssh-copy-id -i ~/.ssh/id_rsa.pub ubunt@192.168.0.101 

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/kalikal/.ssh/id_rsa.pub" 
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are 
already installed 

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to 
install the new keys 

ubunt@192.168.0.101's password: 

Number of key(s) added: 1 

Now try logging into the machine, with: "ssh 'ubunt@192.168.0.101'" 

and check to make sure that only the key(s) you wanted were added. 


Now log in without a password: 

$ ssh ubunt@192.168.0.101 

Or with an assigned SSH private key, if there are others on your System: 

$ ssh -i ~/.ssh/id_rsa ubunt@192.168.0.101 

Turn off/disable the simple password authentication on your remote server: 


If you want to allow access to the remote Server only with SSH key-based authentication, 
then edit the file sshd_config on the remote server: 


$ sudo nano /etc/ssh/sshd_config 


PasswordAuthentication no 


Save and close the file. 


$ sudo service ssh restart 
This procedure avoids the SSH password brute force attack. 
Troubleshooting 

In some cases the SSH client fails to log in to a remote server; to solve it, type: 
$ ssh-keygen -f ~/.ssh/known_hosts -R "192.168.0.101" 


-R ; Removes all keys belonging to the specified hostname (with an optional port 
number) from a known_hosts file. This option is useful to delete hashed hosts. 
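
The two sshd_config settings edited in this section (PermitRootLogin and PasswordAuthentication) can be checked with a short script before the service is restarted. This is an added example, not part of the original text: the function names and sample files are constructed, Include files are not followed, and absent keywords are assumed to take the OpenSSH defaults.

```shell
#!/bin/sh
# Added example, not from the book. The sample configurations are constructed.

# audit_sshd FILE
#   Prints "OK|FAIL keyword=value" for PermitRootLogin and
#   PasswordAuthentication; the exit status is the number of FAIL lines.
#   Parsing rules applied: keywords are case-insensitive, the first value
#   read for a keyword wins, "keyword=value" is tolerated, and everything
#   from the first "Match" line on is conditional and therefore skipped.
#   Assumed defaults for absent keywords: PermitRootLogin prohibit-password,
#   PasswordAuthentication yes.
audit_sshd() {
    awk -F'[ \t=]+' '
        { sub(/^[ \t]+/, "") }              # drop leading indentation
        $0 == "" || /^#/ { next }           # skip blank lines and comments
        {
            key = tolower($1)
            if (key == "match") exit        # global section ends here
            if (!(key in val)) {            # the first value read wins
                v = tolower($2); gsub(/"/, "", v); val[key] = v
            }
        }
        END {
            root = ("permitrootlogin" in val) ? val["permitrootlogin"] : "prohibit-password"
            pass = ("passwordauthentication" in val) ? val["passwordauthentication"] : "yes"
            fails = 0
            if (root == "yes") { fails++; print "FAIL permitrootlogin=" root }
            else print "OK permitrootlogin=" root
            if (pass == "yes") { fails++; print "FAIL passwordauthentication=" pass }
            else print "OK passwordauthentication=" pass
            exit fails
        }
    ' "$1"
}

# write_sshd_samples DIR -> creates three constructed configuration files.
write_sshd_samples() {
    cat > "$1/weak.conf" <<'EOF'
# constructed: state after the first procedure in the text
Port 22
PermitRootLogin yes
#PasswordAuthentication yes
EOF
    cat > "$1/shadowed.conf" <<'EOF'
# constructed: a "no" line appended below an existing "yes" has no effect
PasswordAuthentication yes
UsePAM yes
PasswordAuthentication no
EOF
    cat > "$1/hardened.conf" <<'EOF'
# constructed: key-only logins
  permitrootlogin prohibit-password
PasswordAuthentication=no
Match User ubunt
    X11Forwarding no
EOF
}

# Demonstration on the constructed files.
demo_dir=$(mktemp -d)
write_sshd_samples "$demo_dir"
for name in weak shadowed hardened; do
    echo "== $name.conf"
    audit_sshd "$demo_dir/$name.conf" || echo "   -> $? setting(s) to fix"
done
rm -rf "$demo_dir"
```

On a live server the effective configuration printed by `sudo sshd -T` can be saved to a file and passed to the function, which also covers settings that come from Include files.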


scp ; OpenSSH secure file copy. 


$ scp -C -r /root/directory_to_copy/ username@ip_address:/home/username/directory_where_copying 


-C ; Compression enable. 
-r ; Recursively copy entire directories. 


sftp ; OpenSSH secure file transfer. 
To download a file from a remote server, type: 


$ sftp username@ip_address 

sftp> ls ; Print the directories and files located in “/home/username/” (in “/root”, if the 
username is root on the remote machine). 

sftp> cd directory_name ; Change directory on the remote machine. 

lcd Downloads/ ; Determine where the file will be downloaded on the local machine. 

get file ; Downloading the file. 

bye ; Or exit to quit the command sftp. 


To upload a directory, i.e. from a local machine to a remote machine, type: 


$ sftp username@ip_address 

lcd /home/username/directory_to_upload/ ; Determine the directory on the local machine 
for uploading. 

mkdir new_folder ; Create a folder on the remote machine. 

cd new_folder ; Change to it, to determine where the directory will be uploaded. 

put -r . ; Upload the directory to “/home/username/new_folder/” on the remote machine. 
4.2.5 Disk Management 


To edit system partitions, it is best and safest to do so after booting from another medium, 
for example from a Live CD/DVD. 


lsblk ; List block devices. 

$ lsblk 

cfdisk ; Display and simplify the manipulation of the disk partition table in CLI mode. 
$ sudo cfdisk 

fdisk ; Manipulate disk partition table. 


kalikal@kali:~$ sudo fdisk -l ; -l ; List the partition tables for the specified devices and 
then exit. 


kalikal@kali:~$ sudo fdisk -l /dev/sda ; Get information about Disk “/dev/sda”. 


kalikal@kali:~$ sudo fdisk /dev/sda ; Enter into command mode. 
Welcome to fdisk (util-linux 2.35.2). 

Changes will remain in memory only, until you decide to write them. 
Be careful before using the write command. 

Command (m for help): q ; To exit without saving changes. 


Example of disk manipulation for a flash drive: 
Identify the device name (sdb1 or sdc1, ...) of the flash drive, 


$ sudo fdisk -l 
Or: 
$ lsblk 


Then, 

$ sudo fdisk /dev/sdc1 

Command (m for help): m ; For help. To see a list of the commands you can use. 
Command (m for help): p ; Use to print the current partition table. 

Command (m for help): d ; To delete a partition. 


For example, if the device is encrypted and contains a 'crypto_LUKS' signature or 
contains an 'ext4' signature, then it can be removed by a write or w command. In this 
case, when we type the d command, we get the result “no partition is defined yet!”. 
Command (m for help): w ; To remove the signature, save the change and quit. 


$ sudo fdisk /dev/sdc1 
Command (m for help): i ; Print information about a partition. 


Command (m for help): F ; List free unpartitioned space. You will find here that the 
device is unpartitioned (Unpartitioned space /dev/sdc1: 15.1 GiB, 16114515968 bytes, 
31473664 sectors) 


Command (m for help): n ; Create a new partition. You can create a logical partition by 
typing l, or a primary partition by typing p. By typing p and leaving the rest at the defaults, we get: 
“Created a new partition 1 of type 'Linux' and of size 15 GiB”. 


Command (m for help): p ; The partition appears under the new device name 
/dev/sdc1p1 with the size 15G, but nothing is changed on the disk until we use w. 


A disk can only have four primary partitions based on the MBR structure (Master Boot 
Record: a special boot sector located at the very beginning of a partitioned drive such 
as a hard drive or a removable drive. This sector contains executable code, which is 
usually referred to as the boot loader for the installed operating system, and information 
about the drive’s logical partitions). 


That means MBR does have its limitations. To begin with, MBR only works with 
disks up to 2 TB in size, because MBR uses 32 bits for logical block addressing (LBA) 
of traditional 512 byte disk sectors. Therefore the address range is 2^32 = 4G and the 
size limitation is 4G * 512 Bytes = 2TB. 


However, you can get three primary partitions and one extended partition where you 
will be able to have any number of logical partitions within it. 


The UEFI (Unified Extensible Firmware Interface) replacement for BIOS supports
GUID (Globally Unique IDentifier) partition tables (GPT), which do not have this
limitation. GPT is nevertheless also used for some BIOS systems, because of the
limitations of master boot record (MBR) partition tables.
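The MBR layout described above, decoded field by field. This is an added example, not code from the book: it reads the four 16-byte primary-partition entries and their 32-bit LBA fields from a 512-byte sector image. The function names and the sample image (built to match the 15 GiB stick used in this section) are constructed for the illustration.

```sh
#!/bin/sh
# Added example: decode the four primary-partition entries of an MBR sector.

# Constructed sample: a 512-byte MBR with one Linux (type 0x83) partition that
# starts at sector 2048 and spans 31471616 sectors; the other three entries
# are empty. Multi-byte fields are little-endian.
make_sample_mbr() {
    out=$1
    dd if=/dev/zero of="$out" bs=446 count=1 2>/dev/null     # boot code area
    # status, CHS start (3 bytes), type, CHS end (3 bytes)
    printf '\000\000\000\000\203\000\000\000' >> "$out"
    # LBA start (4 bytes), sector count (4 bytes)
    printf '\000\010\000\000\000\070\340\001' >> "$out"
    dd if=/dev/zero bs=48 count=1 2>/dev/null >> "$out"       # entries 2 to 4
    printf '\125\252' >> "$out"                               # signature 55 AA
}

# le32 B0 B1 B2 B3 -> value of a 32-bit little-endian field
le32() {
    echo $(( $1 + $2 * 256 + $3 * 65536 + $4 * 16777216 ))
}

# Largest size a 32-bit sector address can describe with 512-byte sectors.
mbr_limit_bytes() {
    echo $(( 4294967296 * 512 ))
}

# mbr_entries IMAGE
# Print "index type start_lba sectors bytes" for each non-empty entry.
# Fails if the 55 AA boot signature at offset 510 is missing.
mbr_entries() {
    img=$1
    set -- $(od -An -v -tu1 -j510 -N2 "$img" 2>/dev/null)
    [ "$1 $2" = "85 170" ] || return 1
    i=0
    while [ "$i" -lt 4 ]; do
        # 16 bytes per entry, starting at offset 446
        set -- $(od -An -v -tu1 -j$(( 446 + 16 * i )) -N16 "$img")
        i=$(( i + 1 ))
        [ "$5" -ne 0 ] || continue                 # type 0x00 = unused entry
        start=$(le32 "$9" "${10}" "${11}" "${12}")
        count=$(le32 "${13}" "${14}" "${15}" "${16}")
        printf '%d 0x%02x %d %d %d\n' "$i" "$5" "$start" "$count" $(( count * 512 ))
    done
}

img=$(mktemp)
make_sample_mbr "$img"
mbr_entries "$img"
echo "MBR addressing limit: $(mbr_limit_bytes) bytes"
rm -f "$img"
```

Only four entries fit between offset 446 and the signature at offset 510, which is where the four-primary-partition limit comes from.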


If we want to change the partition type, we can use the t command and specify the
partition’s number (if there is more than one partition). We will be asked for the hex
code of the type. We can type L to view a list of hex codes.


Command (m for help): w ; Write the table to the disk and exit. 


If it fails to add partition 1 to the system, repeat:
$ sudo fdisk /dev/sdc1

Command (m for help): w 

To use the device, we go to the next step, formatting a partition:
mkfs ; Build a Linux Filesystem. 

mke2fs ; Create an ext2/ext3/ext4 Filesystem. 


mkfs.ext4 is used to format a partition with the ext4 Filesystem. To format the device
(containing only one primary partition), we type:


$ sudo mkfs.ext4 /dev/sdc1 

gparted ; GNOME Partition Editor for manipulating disk partitions (GUI mode). 
kalikal@kali:~$ sudo gparted 

dd ; Copy a file, converting and formatting according to the operands. 


Fill/overwrite the drive “/dev/sda” or some partition such as “/dev/sda3” with random
data:


$ dd if=/dev/urandom of=/dev/sda bs=4k ; bs: read and write up to 4096 bytes at a time. 
Clean up/overwrite a hard drive (may need to be repeated):

$ dd if=/dev/zero of=/dev/sda bs=4k 

Verify that the drive is really zeroed out: 

$ sudo dd if=/dev/sda | hexdump -C | grep '[00]'


You can use the three operations above to erase the data in the drive/partition/file
permanently, verify the result, and make the data impossible to retrieve. For the
filling, you can set the number of blocks to copy; otherwise dd by default keeps going
until the input runs out or the destination is full. If the target is a file, it is
recommended to add count=”N” (copy only N input blocks, N=1000 => N = 512 kB) to the
command so that the written size is the same as the file's; otherwise dd will exceed
the current size and keep going as explained before, causing a space availability
problem for the system.
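The bounded overwrite and the verification step described above, as an added example (not from the book). It zeroes a file in place to exactly its current size, so dd cannot grow it, and checks the result byte for byte instead of reading hexdump output. The function names and the temporary file are assumptions of this sketch; is_zeroed works the same way on a device node when run as root.

```sh
#!/bin/sh
# Added example: bounded in-place overwrite with dd, then a strict zero check.

# overwrite_in_place SRC FILE
# Overwrite FILE with data from SRC (/dev/zero or /dev/urandom) without
# changing its size: whole 4k blocks first, then the remaining tail bytes.
overwrite_in_place() {
    src=$1
    target=$2
    size=$(( $(wc -c < "$target") ))
    blocks=$(( size / 4096 ))
    tail_bytes=$(( size % 4096 ))
    if [ "$blocks" -gt 0 ]; then
        # conv=notrunc writes over the existing file instead of recreating it.
        dd if="$src" of="$target" bs=4096 count="$blocks" \
           conv=notrunc 2>/dev/null || return 1
    fi
    if [ "$tail_bytes" -gt 0 ]; then
        dd if="$src" of="$target" bs=1 count="$tail_bytes" \
           seek=$(( blocks * 4096 )) conv=notrunc 2>/dev/null || return 1
    fi
}

# is_zeroed PATH
# Succeeds only if every byte of PATH is 0x00. tr drops the NUL bytes, so any
# byte that survives is leftover data; head stops reading at the first one.
is_zeroed() {
    leftover=$(tr -d '\000' < "$1" | head -c 1 | wc -c)
    [ "$leftover" -eq 0 ]
}

# Constructed demo on a temporary file (10000 bytes = 2 blocks + 1808 bytes).
demo() {
    f=$(mktemp)
    dd if=/dev/urandom of="$f" bs=1 count=10000 2>/dev/null
    before=$(( $(wc -c < "$f") ))
    overwrite_in_place /dev/zero "$f"
    after=$(( $(wc -c < "$f") ))
    if is_zeroed "$f"; then state=zeroed; else state=dirty; fi
    rm -f "$f"
    echo "$before $after $state"
}

demo
```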


To clone a partition “sda6” to another external drive (USB stick) “sdb1”, as an example, we
type:
$ sudo dd if=/dev/sda6 of=/dev/sdb1 bs=2048 status=progress
bs ; Read and write up to 2048 bytes at a time.
status=progress ; Verbose mode, i.e. display how the operation is progressing.


To print the file to stdout (also known as standard output) (or simply printing in the 
terminal), type: 


$ dd if=/home/kalikal/file3.c 
du ; estimate file space usage, 


kalikal@kali:~$ du -sh file2.c 
0 file2.c 


-s : Display only a total for each argument.
-h : Print sizes in human readable format (e.g., 1K 234M 2G). 


kalikal@kali:~$ du -sh ; To get the used space in “/home/kalikal” directory.


4.2.6 Virtual environment 
1. With python3 


To create and manage virtual environments, type: 
$ sudo apt install python3-venv 
$ python3 -m venv virtualenv-path 


This will create the “virtualenv-path” directory if it doesn’t exist, and also create 
directories inside it containing a copy of the Python interpreter, the standard library, 
and various supporting files. 


To activate it, type: 

$ . virtualenv-path/bin/activate 

Or with source: 

$ source virtualenv-path/bin/activate 
Now you are inside it: 
(virtualenv-path) kalikal@kali:~$ 


To deactivate, type:
(virtualenv-path) kalikal@kali:~$ deactivate
2. Virtualbox


VirtualBox is an x86 virtualization solution. It enables you to run more than one OS at a
time.


Install it if you don’t have it and run it as follows: 

$ sudo apt install virtualbox 

$ virtualbox 

Then, you can create your virtual machines and their operating systems (Windows,
Linux,..).


4.2.7 Firewall 
iptables/ip6tables ; Administration tool for IPv4/IPv6 packet filtering and NAT.


ufw ; The Uncomplicated Firewall (ufw) is a program for managing a netfilter (packet 
filtering system) firewall. It is a frontend for iptables. 


$ sudo ufw enable ; Enable the firewall. 

$ sudo ufw disable ; Disable the firewall. 

To allow port SMTP (25) service or server, type: 
$ sudo ufw allow smtp 

To deny port SMTP (25) service or server, type: 
$ sudo ufw deny smtp 

To allow tcp/udp port 53 DNS service, type: 

$ sudo ufw allow 53 

To allow tcp port 3306 of MySQL service, type: 
$ sudo ufw allow 3306/tcp 


To delete a port, first find the number of the corresponding service in the firewall
status and then delete it. Service number 2 is deleted in the following:


$ sudo ufw status numbered
$ sudo ufw delete 2


4.2.8 Antivirus 


The only antivirus product that I know of which is open source and trusted is
ClamAV. It is an antivirus engine for detecting viruses, trojans, malware, and other
malicious threats. It is available in CLI and GUI modes. You can find it here:


https://www.clamav.net/downloads 


clamscan ; Is the command line antivirus scanner, which scans files and directories for
malicious threats.

Install ClamAV: 

$ sudo apt update && sudo apt install clamav
For GUI mode, type:

$ sudo apt update && sudo apt install clamtk
ClamAV version:


$ clamscan --version 
ClamAV 0.103.2/26169/Thu May 13 05:04:54 2021 


Update ClamAV virus (signature) database: 

$ sudo freshclam 

Or: 

$ sudo service clamav-freshclam start 

The path of the configuration file is: “/etc/clamav/freshclam.conf” 
Scan file: 

$ clamscan file3.c 

Scan directory:

$ clamscan -r /home/kalikal/payloads 


To scan and move the infected files to another directory, type:


$ clamscan -r /home/kalikal/payloads --move=/home/kalikal/infected_files
To scan and remove infected files:
$ clamscan --remove -r -i /home/kalikal/infected_files 
Method to safely scan the system 


Use the mounting technique, for example to scan a target Linux system that resides in a
partition (“/dev/sda3”); you can also reach the partition you want to scan from a Linux Live
CD.


$ fdisk -l 

$ sudo mount /dev/sda3 /mnt 

$ sudo mount --rbind /sys /mnt/sys 
$ sudo mount --rbind /dev /mnt/dev 
$ sudo chroot /mnt /bin/bash 


Now you can run your scanners which exist in your system, like clamscan or rkhunter, on
the target system:


$ sudo rkhunter --check
After that you can get out with:


$ exit 

$ sudo umount /mnt/sys 
$ sudo umount /mnt/dev 
$ sudo umount /mnt 

$ exit 


4.2.9 Network 


ip ; Show/manipulate routing, network devices, interfaces and tunnels. 
$ ip addr ; Display all devices. It shows addresses assigned to all network interfaces.
$ ip addr show ; List all network interfaces and the associated IP address. 


$ ip addr show “interface” ; Change “interface” to wlan0, wlp2s0 (Wi-Fi interface), eth0,
enp3s0 (first Ethernet interface or LAN interface), lo (loopback interface: a virtual
interface that the system uses to communicate with itself) or whatever you have, to
display the information.


$ sudo ip link set wlan0 down ; Bring down the interface wlan0.
$ sudo ip link set wlan0 up ; Bring up the interface wlan0.
$ sudo ip addr add “ip_@”/24 dev wlan0 ; Add ip address with netmask 255.255.255.0.
$ sudo ip addr del “ip_@”/24 dev wlan0 ; Delete ip address.


$ sudo ip addr change “ip_@”/24 dev wlan0 ; This adds a new ip address if it
doesn't already exist with the same netmask. By adding to the command line, for example,
preferred_lft 500 valid_lft 500 (set preferred lifetime and valid lifetime to 500s), you will
change the flags time to 498sec instead of the forever (zero) value within the ip settings.


$ ip route ; Show table routes. 


$ sudo ip route add 192.168.2.0/24 via 192.168.0.1 dev wlan0 ; Add a route, setting the
gateway nexthop (192.168.0.1).
$ sudo ip route del 192.168.2.0/24 via 192.168.0.1 dev wlan0 ; Delete the route. 


To display neighbor tables, type: 

$ ip neigh show 

To add a new table entry, type: 

$ ip neigh add “ip_@” dev “interface” 

Or, to remove an existing ARP entry, type: 

$ ip neigh del “ip_@” dev “interface” 

ifconfig ; Configure a network interface. 

$ sudo ifconfig wlan0 down ; Bring down the interface wlan0


$ sudo ifconfig wlan0 up ; Bring up the interface wlan0


Change ip address:
$ sudo ifconfig wlan0 192.168.0.222 netmask 255.255.255.0


If you want to change your local ip permanently to be a static ip (instead of a dynamic
ip address, known as dhcp), then edit the file and add parameters as follows:


$ sudo nano /etc/network/interfaces 
# The loopback network interface 
auto lo 

iface lo inet loopback 

# Lines added or changed 

auto wlan0

iface wlan0 inet static
address 192.168.0.222
network 192.168.0.0 
netmask 255.255.255.0 
gateway 192.168.0.1 
broadcast 192.168.0.255 


Save and close the file and type the following command to restart the networking 
service: 


$ sudo /etc/init.d/networking restart 
route ; Show/manipulate the IP routing table. 
$ route -e ; Display kernel IP routing table. 


$ sudo route add default gw 192.168.0.1 wlan0 ; Add a default route.
$ sudo route del default gw 192.168.0.1 wlan0 ; Delete a default route.


$ sudo route add 192.168.3.0 gw 192.168.0.1 wlan0 ; Add a route. The default netmask
is /32: 255.255.255.255.
$ sudo route del 192.168.3.0 gw 192.168.0.1 wlan0 ; Delete a route.


$ sudo route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.0.1 wlan0 ; Add a route
with a specified netmask (/24).

$ sudo route add -host 192.168.3.15 gw 192.168.0.1 wlan0 ; Add a host with its gateway.

$ sudo route del -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.0.1 wlan0 ; Delete a
route.

$ sudo route del -host 192.168.3.15 gw 192.168.0.1 wlan0 ; Delete a host.


To apply a persistent static route, append the following parameters in the wlan0/eth0
section:


$ sudo nano /etc/network/interfaces 


up route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.0.1 
down route del -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.0.1 


iwconfig ; Configure a wireless network interface 


$ iwconfig ; Display information about the wireless network, including the Access Point 
your device has connected to. 


To change your wireless device interface “wlan0” to monitor mode:
$ sudo ifconfig wlan0 down 


$ sudo iwconfig wlan0 mode monitor
$ sudo ifconfig wlan0 up


To return wlan0 to managed mode : 


$ sudo ifconfig wlan0 down 
$ sudo iwconfig wlan0 mode managed
$ sudo ifconfig wlan0 up 


nmtui ; Text User Interface for controlling NetworkManager. With nmtui you can, for
example, easily set the system hostname, set a static IP address, create a new connection
(exp: wifi hotspot),..etc.


$ nmtui 

traceroute ; Print the route packets trace to network host. 

$ traceroute www.shareforshow.com ; Or change the website by IP address. 
iwlist ; Get more detailed wireless information from a wireless interface
$ sudo iwlist wlan0 scanning ; Scan all available Wi-Fi networks around you.
Find Wi-Fi password


$ ls /etc/NetworkManager/system-connections/ ; List all the network connections used
before on your computer.


$ sudo cat /etc/NetworkManager/system-connections/My-Wifi.nmconnection | grep 'psk=' ;
Print your Wi-Fi Access Point password.


$ sudo grep -r 'psk=' /etc/NetworkManager/system-connections/ ; List all previously used
Wi-Fi Access Point passwords.


nmcli ; Command-line tool for controlling NetworkManager. 

kalikal@kali:~$ nmcli ; To get network information. 

kalikal@kali:~$ nmcli device show ; To get complete information about known devices. 
Type “q” to quit from printing information text. 

kalikal@kali:~$ nmcli connection show ; To get an overview on active connection profiles. 


You will find in the result the UUID, which is a unique identification string assigned by
the system to a connection profile. The UUID can be used to identify a connection.
kalikal@kali:~$ nmcli d ; Determine the name of the Wi-Fi interface (Example: wlan0,
wlan1).


kalikal@kali:~$ nmcli d wifi list ; Based on Wi-Fi device signal capacity range, it lists 
available Wi-Fi networks. 


kalikal@kali:~$ nmcli con show ; List all the network connections used before on your 
computer. 


kalikal@kali:~$ nmcli con show My-Wifi ; Get information about your Wi-Fi network 
connection. 


kalikal@kali:~$ nmcli dev wifi show-password ; Get your current Wi-Fi password. 


If for some reason you need to repair the wireless network connection, you can use “nmcli” by
typing the following commands:


$ nmcli c delete 'My-Wifi' 

$ nmcli c add type wifi con-name 'My-Wifi' ifname wlan0 ssid 'My-Wifi' 
$ nmcli con modify 'My-Wifi' wifi-sec.key-mgmt wpa-psk 

$ nmcli con modify 'My-Wifi' wifi-sec.psk "My-Wifi_Password" 

$ nmcli con up 'My-Wifi' 

$ sudo /etc/init.d/networking restart 

$ sudo service network-manager restart ; If it does not work, type:


$ sudo systemctl restart NetworkManager.service ; Works also without the suffix ".service"


Connect to your hidden Wi-Fi network which does not broadcast its SSID unless 
solicited, 


$ nmcli c add type wifi con-name 'MyHidden-Wifi' ifname wlan0 ssid 'MyHidden-Wifi' 
$ nmcli con modify 'MyHidden-Wifi' wifi-sec.key-mgmt wpa-psk 

$ nmcli con modify 'MyHidden-Wifi' wifi-sec.psk "My-Wifi_Password" 

$ nmcli con up 'MyHidden-Wifi' 


Find your public IP 

$ echo $(wget -qO - https://api.ipify.org) 
With curl command:

curl ; Transfer a URL. 


$ curl ifconfig.me
For getting more information:

$ curl ipinfo.io 

With dig command: 

dig ; DNS lookup utility. 

$ dig +short myip.opendns.com @resolver1.opendns.com 
Get information about public IP: 

$ curl ipinfo.io/public_ip 

Internet speed 

$ curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python - 
Or with command speedtest-cli: 

$ sudo apt install speedtest-cli ; To install the command. 
$ speedtest-cli 

Downloading 

aria2 ; High speed download utility. 

Install and use aria2 program: 

$ sudo apt install aria2 

$ aria2c -x 6 https://www.example.com/image.iso

Create a wifi hotspot 

1. with nmcli 


$ nmcli dev wifi hotspot ifname wlan0 ssid My_WiFi password "passwOrd961"
Device 'wlan0' successfully activated with '668fbd2e-2edf-43c0-9de2-18c930533b58'. 


To show the Wi-Fi name and the password, type: 

$ nmcli dev wifi show-password 

To stop the hotspot, type: 

$ nmcli connection down 668fbd2e-2edf-43c0-9de2-18c930533b58 


(To start again, simply put up instead of down)
To delete this connection hotspot (668fbd2e-2edf-43c0-9de2-18c930533b58), type:
$ nmcli connection delete 668fbd2e-2edf-43c0-9de2-18c930533b58
2. nm-connection-editor ; Allow users to view and edit network connection settings.
To create an Internet access point using your Linux system as a medium, type:
$ nm-connection-editor
And click “+” to add a new connection, or with:
$ nm-connection-editor -c
Select as following:
Choose a connection type: Wi-Fi > Connection name: Wi-Fi connection 1:
=> Wi-Fi: SSID: My_WiFi > Mode: Hotspot > Device: Wlan (“mac address”)


=> Wi-Fi Security: Security: WPA & WPA2 Personal (or better, WPA3 Personal, but it
depends on your network interface “device/driver”) > Password: passwOrd961


And save this configuration.
To find and connect to it, go to: “Connect to Hidden Wi-Fi Network” in Wi-Fi Settings.
3. with nmtui (in terminal)


openssl ; Is a cryptography toolkit implementing the Secure Sockets Layer (SSL 
v2/v3) and Transport Layer Security (TLS v1) network protocols and related 
cryptography standards required by them. 


$ openssl version ; To find Openssl version. Add -a flag for more information. 
Verify if a connection is secure using openssl, 

$ openssl s_client -connect domain_name/IP:port

Example: 

$ openssl s_client -connect www.shareforshow.com:443 


netstat ; Print network connections, routing tables, interface statistics, masquerade 
connections, and multicast memberships. 


$ netstat -nr
-r ; Display the kernel routing tables.


-n ; Show numerical addresses instead of trying to determine symbolic host, port or 
user names. 


netstat -r and route -e produce the same output. 
Useful to display all the routes, to verify if the added routes are in the route table. 
Checking connections of servers with listening ports: 


$ sudo netstat -plnt ; -t is for TCP connections; change it to -u for UDP
connections.


Filter the list by port number: 
$ sudo netstat -plnt | grep ':22' 


Find out all ports that the process listens on, using the “PID/Program name” found from
the command above:


$ sudo netstat -plnt | grep 'PID/Program name' 

‘PID/Program name’ is for example: '13772/sshd' 

Find the program name: 

$ ps -p PID -o comm= 

Taking the example above which PID is 13772, then we type: 


$ ps -p 13772 -o comm= 
sshd 


To know if you are connected to SSH server or who is connected to your SSH server 
(or even other port), type: 


$ netstat -tn 2>/dev/null | grep :22 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr | head 
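The "who is connected to my SSH server" question above, answered by comparing the port field instead of grepping for the substring ":22". This is an added example, not from the book: the substring also matches port 2222, outgoing connections to someone else's port 22, and closed sockets, and cutting at the first colon truncates IPv6 peers. The function names and the netstat lines are constructed for the illustration.

```sh
#!/bin/sh
# Added example: count SSH peers from `netstat -tn` output by port field.

# Constructed sample of `netstat -tn` output. The local host is 192.168.0.102;
# the other addresses are made up for the example.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.0.102:22        192.168.0.101:51514     ESTABLISHED
tcp        0      0 192.168.0.102:22        192.168.0.101:51520     ESTABLISHED
tcp        0      0 192.168.0.102:22        203.0.113.7:40022       ESTABLISHED
tcp        0      0 192.168.0.102:2222      198.51.100.9:33000      ESTABLISHED
tcp        0      0 192.168.0.102:48212     192.168.0.101:22        ESTABLISHED
tcp        0      0 192.168.0.102:22        203.0.113.7:40030       TIME_WAIT
tcp6       0      0 2001:db8::102:22        2001:db8::5:50100       ESTABLISHED
EOF
}

# peers DIRECTION PORT   (reads `netstat -tn` output on stdin)
#   in  : who is connected to my server on PORT (local port must match)
#   out : which servers I am connected to on PORT (foreign port must match)
# Prints "count address" per remote address, busiest first.
peers() {
    awk -v dir="$1" -v port="$2" '
        # The port is whatever follows the last colon, so IPv6 works too.
        function port_of(s,   a, n) { n = split(s, a, ":"); return a[n] }
        function addr_of(s)         { sub(/:[^:]*$/, "", s); return s }
        $1 ~ /^tcp/ && $6 == "ESTABLISHED" {
            side = (dir == "in") ? $4 : $5
            if (port_of(side) == port) seen[addr_of($5)]++
        }
        END { for (a in seen) print seen[a], a }
    ' | LC_ALL=C sort -k1,1nr -k2,2
}

# The pipeline from the text, unchanged, for comparison on the same input.
page_pipeline() {
    grep :22 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr | head
}

echo "Inbound peers on port 22 (field match):"
sample_netstat | peers in 22
echo "Servers this host is connected to on port 22:"
sample_netstat | peers out 22
echo "Substring match on the same lines:"
sample_netstat | page_pipeline
```

On a live host, replace sample_netstat with netstat -tn 2>/dev/null.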
Network Monitor 
iftop - Display bandwidth usage on an interface by host. 


$ sudo iftop -i interface ; Listen to packets on interface (Example of network interface: 
wlan0) 


etherape ; Graphical network traffic browser.
$ sudo etherape


4.2.10 Bootable and ISO Image 
Create Bootable Live USB or CD/DVD 


To start with, find your usb device (disk) or CD/DVD device (rom) with: 

$ lsusb 

Or for CD/DVD device: 

$ ls -l /dev/cdrom

1. Then, create the bootable Live USB drive or CD/DVD of your OS with dd command: 
$ sudo dd if=your_iso.iso of=/dev/sdb bs=4M 

2. For CD/DVD: 

With wodim:

wodim ; Write data to optical disk media

$ wodim -eject -tao speed=2 dev=/dev/sr0 -v -data your_iso.iso 

With brasero, after installing it, in gui or cli mode: 

brasero ; Simple and easy to use CD/DVD burning application for the Gnome Desktop 
$ sudo apt install brasero 

$ brasero ; For gui mode. 

There are other tools such as growisofs, bashburn, cdw. 

Create ISO image 


An ISO file is typically used to combine all Linux or Windows installation files into a 
single uncompressed file. We can also use the ISO image intelligently to save our files 
securely. 


kalikal@kali:~$ cp -r Directory Directory3 
kalikal@kali:~$ mkisofs -o Directory.iso /home/kalikal/Directory3 


Or with genisoimage tool:
genisoimage ; Create ISO9660/Joliet/HFS filesystem with optional Rock Ridge
attributes.


kalikal@kali:~$ genisoimage -o Directory.iso /home/kalikal/Directory3 

To mount “Directory.iso” and display its content: 

kalikal@kali:~$ sudo mount Directory.iso /mnt -t iso9660 -o loop

Create iso image with command dd of an encrypted USB drive and open it 

$ sudo dd if=/dev/sdb1 of=/home/kalikal/Documents/flashdrive/img.iso bs=4k status=progress 


$ sudo cryptsetup luksOpen /home/kalikal/Documents/flashdrive/img.iso img.iso 
Enter passphrase for /home/kalikal/Documents/flashdrive/img.iso:


Here your original encrypted drive is shown on the desktop (GUI), where you can
open it, or you can continue and open it in the terminal:


$ sudo mount /dev/mapper/img.iso /mnt/
kalikal@kali:~$ cd /mnt ; ls

Exit and unmount the mountpoint:
kalikal@kali:/mnt$ exit

$ sudo umount /mnt 

Or with: 

$ sudo umount /dev/mapper/img.iso 
And then close the file: 


$ sudo cryptsetup luksClose img.iso 


4.2.11 Permissions 


chmod ; Change file mode bits. It is used to handle file permissions. 


If the owner has permission to read, write, and execute the file i.e the owner read, 
write, and execute bits are on, then the output of permissions are presented as follows: 


The above output gives us an explanation of some properties:
The first position has one character, the dash “-”, which means a normal or regular
file type (for example: .txt, .c, .py, .docx, .odt, .pdf). It can also be:


=> “d” for directory.
=> “l” for symbolic link.
=> “h” for hard link.
=> “p” for fifo (named pipe) (to create it: $ mkfifo myfifo_file).
=> “c” for character device file.
=> “b” for block device file.
=> “s” for local socket file.
By the way, these are the seven Linux file types.


The second position contains the next three characters, and permission is reserved 
for “u”: user or owner. 


The third position contains the next three characters and the permission is reserved 
for “g”: group. 


The fourth position contains the next three or final characters and the permission is 
reserved for “o”: others. 


They are (the second, third and fourth positions) represented as the following: 


=> “-” means the absence of a permission. 
=> The first character is “-” or “r”: read.
=> The second is “-” or “w”: write. 
=> The third is “-” or “x”: execute. 
Another example: 


$ ls -l file3.c
-rw-r--r-- 1 kalikal kalikal 120 Nov 7 08:48 file3.c 


Then we have got an output of the file permissions: -rw-r--r-- 


=> Pos1= - : regular file (C language source).
=> Pos2= rw- : read and write only for user or owner (as ownership, kalikal is the
owner found within the output line, the first username or column number 3).


=> Pos3= r-- : read only for the group (as ownership, kalikal is the group found
within the output line, the second username or column number 4).


=> Pos4= r-- : read only for others.
To change the file permission we use chmod with letters or with numbers.
With letters:

=> “+” to add permission and “-” to remove it.

=> “=” to set permission.


=> “u”: owner (pos2), “g”: group (pos3), “o”: others (pos4), and “a”: all (all positions)
for “r”: read, “w”: write, and “x”: execute.


Example: 
$ touch file4 ; create a file. 


$ ls -l file4 ; Show the permissions.
-rw-r--r-- 1 kalikal kalikal 0 Nov 18 19:28 file4 


To add owner execute bit: 
$ chmod u+x file4 


$ ls -l file4
-rwxr--r-- 1 kalikal kalikal 0 Nov 18 19:28 file4 


To remove it: 
$ chmod u-x file4 
To add read and write to group and others: 


$ ls -l file4
-rw-rw-rw- 1 kalikal kalikal 0 Nov 18 19:28 file4 


We can add read or/and execute to all users (pos2, pos3, pos4) except for write which 
changes only the owner (pos2) by just typing: 


$ chmod +x file4 ; Or: +r, or together: +rx.
With numbers:
For each character of the three users positions (pos2, pos3, pos4), we have:
=> 4: read (“r”).
=> 2: write (“w”).
=> 1: execute (“x”).
=> 0: None (“-”).


Thus, if we want to add read, write, and execute to owner(pos2), and no permissions 
for other users (group and others), we should make an addition: 


pos2 = 4+2+1 = 7; pos3 = 0+0+0 = 0; pos4 = 0+0+0 = 0. 
$ chmod 700 file4 

To add read and write for all users: 

pos2 = 4+2+0 = 6; pos3 = 4+2+0 = 6 ; pos4 = 4+2+0 = 6. 
$ chmod 666 file4 

To add full permissions for all users: 

pos2 = 4+2+1 = 7; pos3 = 4+2+1 = 7 ; pos4 = 4+2+1 = 7.
$ chmod 777 file4 
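The letter-to-number rule above as code, together with the check it makes possible. This is an added example, not from the book: it converts an ls -l permission string into the chmod number by summing 4/2/1 per position, and lists the files that “others” (pos4) can write to, which is what modes like 666 and 777 create. The function names and the temporary directory are assumptions of the sketch; special bits (setuid, setgid, sticky) are outside what this section covers and are not decoded.

```sh
#!/bin/sh
# Added example: ls -l permission string -> chmod number, plus an audit of
# files writable by "others".

# perm_to_octal STRING   e.g. -rw-r--r--  ->  644
# Position 1 is the file type; positions 2 to 4 are three characters each and
# are summed as read=4, write=2, execute=1.
perm_to_octal() {
    case $1 in
        ??????????*) ;;               # need the type plus nine permission chars
        *) return 1 ;;
    esac
    rest=${1#?}                       # drop the file-type character (pos1)
    digits=""
    for pos in 2 3 4; do
        triple=$(printf '%s' "$rest" | cut -c1-3)
        rest=${rest#???}
        n=0
        case $triple in r??) n=$(( n + 4 )) ;; esac
        case $triple in ?w?) n=$(( n + 2 )) ;; esac
        case $triple in ??x) n=$(( n + 1 )) ;; esac
        digits=$digits$n
    done
    echo "$digits"
}

# others_writable DIR
# Regular files under DIR whose pos4 contains "w". For find, "-perm -002"
# means "at least the others-write bit is set".
others_writable() {
    find "$1" -type f -perm -002 | LC_ALL=C sort
}

# Constructed demo: three files with the modes used in this section.
demo() {
    d=$(mktemp -d)
    touch "$d/file4" "$d/file5" "$d/file6"
    chmod 666 "$d/file4"
    chmod 644 "$d/file5"
    chmod 700 "$d/file6"
    for f in file4 file5 file6; do
        mode=$(ls -l "$d/$f" | cut -c1-10)
        echo "$f $mode $(perm_to_octal "$mode")"
    done
    others_writable "$d" | while read -r p; do
        echo "writable by others: $(basename "$p")"
    done
    rm -rf "$d"
}

demo
```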

chown ; Change file owner and group. 

To Change the ownership of file4, the user owner from kalikal to root: 
$ sudo chown root file4 


$ ls -l file4
-rwx------ 1 root kalikal 0 Nov 18 19:28 file4


Or to change them together, owner and group, to root: 
$ sudo chown root:root file4 ; (sudo chown owner:group file). 


$ ls -l file4
-rwx------ 1 root root 0 Nov 18 19:28 file4


$ sudo chown -hR root /u ; Change the owner of /u and subfiles to root.
To demonstrate the command above, we will create a directory named
“Directory” and files named: file5, file6, file7.


$ mkdir Directory 

$ touch file5 file6 file7 

$ mv file5 file6 file7 Directory/ 
$ ls -l


drwxr-xr-x 2 kalikal kalikal 4096 Nov 18 21:08 Directory 


Or better: 
$ ls -ld Directory/ 


$ ls -l Directory/

total 0 

-rw-r--r-- 1 kalikal kalikal 0 Nov 18 21:08 file5 
-rw-r--r-- 1 kalikal kalikal 0 Nov 18 21:08 file6 
-rw-r--r-- 1 kalikal kalikal 0 Nov 18 21:08 file7 


$ sudo chown -hR root Directory 
$ ls -l


drwxr-xr-x 2 root kalikal 4096 Nov 18 21:08 Directory


$ ls -l Directory/

total 0 

-rw-r--r-- 1 root kalikal 0 Nov 18 21:08 file5 
-rw-r--r-- 1 root kalikal 0 Nov 18 21:08 file6 
-rw-r--r-- 1 root kalikal 0 Nov 18 21:08 file7 


You can make a change based on the number in UID (user id) and GID (group id) of 
the file. In this case it will recursively change all, the “Directory” and its files (including 
subdirectories) in one time. 


$ id ; To find uid,gid numbers. 
$ sudo chown -R 1000:1000 Directory ; uid=1000 (kalikal), gid=1000 (kalikal). 


Example of a problem: in case of a login problem relating to the file “.Xauthority” and its
rights, type the following command, substituting your own username/group.


$ sudo chown username:group .Xauthority
chroot ; Run command or interactive shell with special root directory.


$ mkdir root_dir 
$ cd root_dir 


Copy some current system directories to help us running the bash in the new root 
directory “root_dir” 


$ mkdir bin lib lib64 ; sudo cp -r /bin/* bin ; sudo cp -r /lib/* lib ; sudo cp -r /lib64/* lib64 
$ cd 

$ sudo chroot root_dir /bin/bash ; Run the bash shell. 

or just: 

$ sudo chroot root_dir 

bash-5.0# 


Execute a new script file “test.sh” in root directory “root_dir”:


$ nano root_dir/test.sh ; Create a script file. 

#!/bin/sh 

echo "Hello Reader, You can here with the special root directory, execute me" 
$ chmod +x root_dir/test.sh ; Make the file “test.sh” executable. 

$ sudo chroot root_dir /test.sh ; Run the file “test.sh”. 


4.2.12 Mounting 


Mounting a filesystem is the process of attaching the filesystem found on some 
device (storage device) to a particular location (exp: /media and /mnt directories serve 
as mount points) in the directory tree (the big file tree, the file hierarchy, rooted at /). 
This can be done automatically, as in the case of plugging in removable media 
devices: CD-ROM, USB stick,..etc. 


Unmounting is simply the process of detaching the filesystem again. 
mount ; Mount a file system. 

$ mount ; Display all currently attached file systems. 

$ mount -t ext4 ; -t : Limit the set of file system types. 


$ mount /dev/sda3 /mnt ; Mount a device “sda3” or whatever you have, such as a USB stick
or partition, on the mountpoint “/mnt” (an empty Linux directory).


To explore an ISO image file, we mount it with following line of the command: 


$ mount image.iso /mnt -t iso9660 -o loop
umount ; Unmount file systems.
$ exit ; You should exit from the mounted directory “/mnt” in our example.


$ umount /mnt ; To unmount the device “sda3” from the mountpoint “/mnt” of this 
example. 


Mount remote Server (Ubuntu 20.04 LTS) Filesystem or Directory Using SSHFS Over 
SSH 


sshfs ; Allow to mount a remote file system using SSH (more precisely, the SFTP 
subsystem). 


Create a mounted directory 

$ sudo mkdir /mnt/mounted_ubuntu 

Mount remote filesystem 

$ sudo sshfs -o allow_other ubunt@192.168.0.101:/home/ubunt/ /mnt/mounted_ubuntu 
If, with SSH key-based authentication: 


$ sudo sshfs -o allow_other,IdentityFile=~/.ssh/id_rsa ubunt@192.168.0.101:/home/ubunt/ 
/mnt/mounted_ubuntu 


List remote filesystem 

$ cd /mnt/mounted_ubuntu 

$ ls

Check remote mounted filesystem 

$ df -hT 

Persistence for mounting the remote file system 

Edit the file /etc/fstab, and add the parameter at the bottom of the file:


$ sudo nano /etc/fstab 


sshfs#ubunt@192.168.0.101:/home/ubunt/ /mnt/mounted_ubuntu fuse.sshfs defaults 0 0 


To automate mounting the file system when the system reboots, configure the
authentication between the systems to be without a password as shown above.


If you use SSH key-based authentication, add the following parameter:
sshfs#ubunt@192.168.0.101:/home/ubunt/ /mnt/mounted_ubuntu fuse.sshfs IdentityFile=~/.ssh/id_rsa,defaults 0 0


Update fstab file 

$ sudo mount -a 

To Unmount Remote File system 

$ umount /mnt/mounted_ubuntu 

Set of methods to display the file systems mounted on the host: 
$ sudo fdisk -l 

$ lsblk -f

$ df or df -h (-h for human readable sizes) 
$ cat /etc/mtab 

$ column -t /etc/mtab 

$ cat /etc/fstab 

$ cat /proc/mounts 


$ findmnt 


4.2.13 Automation 


Automation is the process of scheduling tasks to run in the future. 


crontab ; The program is used to install, deinstall or list the tables used to drive
the cron daemon in Vixie Cron.
Job definition


.---------------- minute (0 - 59)
| .------------- hour (0 - 23)
| | .---------- day of month (1 - 31)
| | | .------- month (1 - 12) OR jan,feb,mar,apr ...
| | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
| | | | |
* * * * * command to be executed


10 * * * * command ; Hourly executed, i.e. it will be executed every hour, exp: at 1:10 a.m,
2:10 a.m, ..

10 5 * * * command ; Daily.

10 5 * * 7 command ; Weekly.

10 5 1 * * command ; Monthly.


$ crontab -l ; List user's crontab.


$ crontab -e ; Edit user's crontab. Add the following line to create a new folder
“TestCron”, every 2 minutes/every even minute,


*/2 * * * * mkdir /home/kalikal/TestCron


Add the following line to run a backup of all your user accounts, at 5 a.m every week
with:


0 5 * * 1 tar -zcf /var/backups/home_users.tgz /home/
To delete user's crontab, type: 

$ crontab -r 

Using a specific user root, 


$ nano cronfile ; Type the following line for running every minute/1 minute and save the
file:


*/1 * * * * mkdir /home/kalikal/TestCron1
Or:
* * * * * mkdir /home/kalikal/TestCron1


$ sudo crontab -u root cronfile ; Run the job of the cronfile.
$ sudo crontab -u root -l ; List crontab for root.
*/1 * * * * mkdir /home/kalikal/TestCron1
$ sudo crontab -u root -i -r ; Prompt before deleting user's crontab.


$ sudo crontab -u root -r ; Delete user's crontab.
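How the five time fields of the job definition above select a moment, as an added example (not from the book and not cron's own code). It checks a crontab line against a given minute, hour, day of month, month and day of week, and includes the Vixie Cron rule that when both day fields are restricted, a match on either one is enough. It handles numbers, “*”, “*/n”, ranges and comma lists; month and weekday names are not handled. The function names are assumptions of the sketch.

```sh
#!/bin/sh
# Added example: does a crontab line fire at a given time?

# field_matches FIELD VALUE MIN MAX
# Succeeds when VALUE is selected by one crontab field such as "*", "*/2",
# "5", "1-5" or "0,30".
field_matches() {
    field=$1; value=$2; min=$3; max=$4; hit=1
    set -f                            # "*" must not expand to file names
    for part in $(printf '%s\n' "$field" | tr ',' ' '); do
        step=1
        case $part in
            */*) step=${part#*/}; part=${part%%/*} ;;
        esac
        case $part in
            '*') lo=$min; hi=$max ;;
            *-*) lo=${part%-*}; hi=${part#*-} ;;
            *)   lo=$part; hi=$part ;;
        esac
        if [ "$value" -ge "$lo" ] && [ "$value" -le "$hi" ] &&
           [ $(( (value - lo) % step )) -eq 0 ]; then
            hit=0
        fi
    done
    set +f
    return "$hit"
}

# cron_matches "LINE" MINUTE HOUR DAY_OF_MONTH MONTH DAY_OF_WEEK
# LINE is a crontab line (five fields, optionally followed by the command).
# DAY_OF_WEEK is 0 to 6 with Sunday=0; a 7 in the line also means Sunday.
cron_matches() {
    read -r f_min f_hour f_dom f_mon f_dow _cmd <<EOF
$1
EOF
    t_min=$2; t_hour=$3; t_dom=$4; t_mon=$5; t_dow=$6
    field_matches "$f_min"  "$t_min"  0 59 || return 1
    field_matches "$f_hour" "$t_hour" 0 23 || return 1
    field_matches "$f_mon"  "$t_mon"  1 12 || return 1
    dom_ok=1; dow_ok=1
    if field_matches "$f_dom" "$t_dom" 1 31; then dom_ok=0; fi
    if field_matches "$f_dow" "$t_dow" 0 7; then
        dow_ok=0
    elif [ "$t_dow" -eq 0 ] && field_matches "$f_dow" 7 0 7; then
        dow_ok=0
    fi
    if [ "$f_dom" != '*' ] && [ "$f_dow" != '*' ]; then
        # Both day fields restricted: either one may match.
        [ "$dom_ok" -eq 0 ] || [ "$dow_ok" -eq 0 ]
    else
        [ "$dom_ok" -eq 0 ] && [ "$dow_ok" -eq 0 ]
    fi
}

# Demo: the schedules from this section, checked for Sunday the 13th of June
# at 05:10 (minute=10 hour=5 dom=13 month=6 dow=0).
demo() {
    for job in "10 * * * *" "10 5 * * *" "10 5 * * 7" "10 5 1 * *" "*/2 * * * *"; do
        if cron_matches "$job" 10 5 13 6 0; then
            echo "run  $job"
        else
            echo "skip $job"
        fi
    done
}

demo
```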


4.2.14 DNS Server 


DNS (Domain Name System), in short, matches a name (domain) to a number (IP
address).


1. Change DNS server 
nslookup ; Query Internet name servers interactively. 


To get your current DNS server, make a request with nslookup command to a website 
as following: 


$ nslookup shareforshow.com 
Server: 192.168.0.1 
Address:  192.168.0.1#53 


To get it also with dig command, type: 
$ dig shareforshow.com 


To change my DNS server “192.168.0.1” to the Google DNS server “8.8.8.8”, edit the file
“/etc/resolv.conf”, and delete or comment out the current DNS server as follows:


$ sudo nano /etc/resolv.conf 
nameserver 8.8.8.8 
#nameserver 192.168.0.1 


Save the file and test again. Here you will find how the DNS server is changed. 


2. Install and Configure BIND (Berkeley Internet Name Domain) as a private network 
DNS server 


Our configuration features are the following: 
=> Private Network = 192.168.0.0/24
=> DNS Bind Server IP in local machine (Kali Linux: kalikal) = 192.168.0.102
=> DNS server IP for internet = 192.168.0.1
=> Domain Name = shareforshow1.com
=> Local machine IP (Ubuntu: ubunt) as host client = 192.168.0.101


We test by sending requests from the client-side before we go to install and configure 
the DNS server, 


ubunt@meet:~$ ping shareforshow1.com 
ping: shareforshow1.com: Name or service not known 


ubunt@meet:~$ nslookup shareforshow1.com 
Server: 192.168.0.102 
Address: 192.168.0.102#53 


** server can't find shareforshow1.com: NXDOMAIN 


Remember that your domain is local to your private network, so make sure that the 
domain you test with does not exist publicly, to avoid any confusion. 


On the server side, for example, if the same domain also exists on the public network, 
lookups still work normally but return the public address and not the private one, 
because the server's “/etc/resolv.conf” file keeps the DNS server IP for the internet. 


Server side 

To install BIND9, type: 

$ sudo apt-get install bind9 

To check the version, type: 

$ named -v 

BIND 9.16.8-Debian (Stable Release) <id:539f9f0> 
To show the status of the DNS server, type: 

$ sudo service named status 

Or: 

sudo service bind9 status 


To configure BIND9 on the system, follow these steps: 
1- Make a backup of the “/etc/bind/named.conf.options” file and edit it as follows: 
$ sudo cp /etc/bind/named.conf.options /etc/bind/named.conf.options.backup 
$ sudo nano /etc/bind/named.conf.options 
options { 
directory "/var/cache/bind"; 


auth-nxdomain no; # yes allows the server to answer authoritatively (the AA bit is set) 
// when returning NXDOMAIN (domain does not exist) answers. 


listen-on port 53 { localhost; 192.168.0.0/24; }; 
allow-query { localhost; 192.168.0.0/24; }; 
forwarders { 192.168.0.1; }; 


recursion yes; 


// If BIND logs error messages about the root key being expired, 
// you will need to update your keys. See https://www.isc.org/bind-keys 


dnssec-validation auto; 
# listen-on-v6 { any; }; 
}; 


DNSSEC (Domain Name System Security Extensions) provides a way to 
cryptographically build a chain of trust from the root name servers to authoritative 
name servers. Be aware and read more before using this option: “dnssec-validation 
auto;”. 


$ sudo chmod 644 /etc/bind/named.conf.options 

$ sudo chown root:bind /etc/bind/named.conf.options 

2- Make a backup of the “/etc/bind/named.conf.local” file and edit it as follows: 
$ sudo cp /etc/bind/named.conf.local /etc/bind/named.conf.local.backup 


$ sudo nano /etc/bind/named.conf.local 
zone "shareforshow1.com" { 
type master; 
file "/etc/bind/forward.shareforshow1.com"; 
}; 
zone "0.168.192.in-addr.arpa" { 
type master; 
file "/etc/bind/reverse.shareforshow1.com"; 
}; 
$ sudo chmod 644 /etc/bind/named.conf.local 
$ sudo chown root:bind /etc/bind/named.conf.local 
Create a forward lookup zone file for the private network. 
We use the sample zone file "/etc/bind/db.local" for that, 
$ sudo cp /etc/bind/db.local /etc/bind/forward.shareforshow1.com 


$ sudo nano /etc/bind/forward.shareforshow1.com 
; BIND data file 


$TTL 604800 
@ IN SOA ns1.shareforshow1.com. root.ns1.shareforshow1.com. ( 
        2 ; Serial 
        604800 ; Refresh 
        86400 ; Retry 
        2419200 ; Expire 
        604800 ) ; Negative Cache TTL 


; Name Server Information 
@ IN NS ns1.shareforshow1.com. 


; IP address of Your Domain Name Server(DNS) 
ns1 IN A 192.168.0.102 


; Mail Server MX (Mail exchanger) Record 
shareforshow1.com. IN MX 10 mail.shareforshow1.com. 


; A Record for Host names 
client IN A 192.168.0.101 
@ IN A 192.168.0.102 
www IN A 192.168.0.102 
mail IN A 192.168.0.145 


; CNAME Record 
ftp IN CNAME www.shareforshow1.com. 


The “$TTL” directive (Time To Live) is defined in RFC 2308. TTL defines the duration in 
seconds that the record may be cached by any resolver. An SOA (Start of Authority) 
record contains administrative information about the zone. 


We have added information and records regarding our DNS server. Depending on your 
needs, you can for example append more A Records and CNAME Records (Canonical 
Name Records can be used to alias one name to another, simply to avoid maintaining 
two different records). 


As you see, we have added an A Record, a mail server Record and a CNAME Record for 
the ftp server. 


$ sudo chown root:root forward.shareforshow1.com 

$ sudo chmod 644 forward.shareforshow1.com 

Create a reverse lookup zone file, using "/etc/bind/db.127" file 
$ sudo cp /etc/bind/db.127 /etc/bind/reverse.shareforshow1.com 


$ sudo nano /etc/bind/reverse.shareforshow1.com 
; BIND reverse data file 


$TTL 604800 
@ IN SOA shareforshow1.com. root.shareforshow1.com. ( 
        1 ; Serial 
        604800 ; Refresh 
        86400 ; Retry 
        2419200 ; Expire 
        604800 ) ; Negative Cache TTL 


; Your Name Server Info 
@ IN NS ns1.shareforshow1.com. 
ns1 IN A 192.168.0.102 


; Reverse Lookup for Your DNS Server 
102 IN PTR ns1.shareforshow1.com. 


; PTR Record IP address to HostName 
101 IN PTR client.shareforshow1.com. 
102 IN PTR shareforshow1.com. 
102 IN PTR www.shareforshow1.com. 
145 IN PTR mail.shareforshow1.com. 


$ sudo chown root:root reverse.shareforshow1.com 
$ sudo chmod 644 reverse.shareforshow1.com 
Restart the BIND service, 

$ sudo systemctl restart named 


$ sudo systemctl enable named 

Synchronizing state of named.service with SysV service script with /lib/systemd/systemd-sysv-install. 
Executing: /lib/systemd/systemd-sysv-install enable named 
Created symlink /etc/systemd/system/bind9.service → /lib/systemd/system/named.service. 
Created symlink /etc/systemd/system/multi-user.target.wants/named.service → /lib/systemd/system/named.service. 


Open the DNS port on the firewall for 53 tcp/udp, 

$ sudo ufw allow 53 

To validate the syntax of BIND9 configuration, type: 
$ sudo named-checkconf /etc/bind/named.conf.local 

If there’s no result, that means no errors. 

To validate the syntax of the zone files, type: 


$ sudo named-checkzone shareforshow1.com /etc/bind/forward.shareforshow1.com 
zone shareforshow1.com/IN: loaded serial 2 
OK 
$ sudo named-checkzone shareforshow1.com /etc/bind/reverse.shareforshow1.com 
zone shareforshow1.com/IN: loaded serial 1 
OK 
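
named-checkzone only validates syntax, so forward and reverse data can still disagree. The following added example (not from the book; the function names are assumptions) parses the records of the two zone files above and reports every A record without a matching PTR and every PTR without a matching A record:

```python
FORWARD_ORIGIN = "shareforshow1.com."
REVERSE_ORIGIN = "0.168.192.in-addr.arpa."

# Constructed input: the records of the two zone files shown above.
FORWARD_ZONE = """\
$TTL 604800
@ IN SOA ns1.shareforshow1.com. root.ns1.shareforshow1.com. (
        2 ; Serial
        604800 ; Refresh
        86400 ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
@ IN NS ns1.shareforshow1.com.
ns1 IN A 192.168.0.102
shareforshow1.com. IN MX 10 mail.shareforshow1.com.
client IN A 192.168.0.101
@ IN A 192.168.0.102
www IN A 192.168.0.102
mail IN A 192.168.0.145
ftp IN CNAME www.shareforshow1.com.
"""
REVERSE_ZONE = """\
$TTL 604800
@ IN SOA shareforshow1.com. root.shareforshow1.com. ( 1 604800 86400 2419200 604800 )
@ IN NS ns1.shareforshow1.com.
ns1 IN A 192.168.0.102
102 IN PTR ns1.shareforshow1.com.
101 IN PTR client.shareforshow1.com.
102 IN PTR shareforshow1.com.
102 IN PTR www.shareforshow1.com.
145 IN PTR mail.shareforshow1.com.
"""


def absolute(name, origin):
    """Expand '@' and relative names against the zone origin."""
    name = name.lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples. Simplified parser: every record
    must carry its owner name; blank-owner continuation is not supported."""
    records, in_parens = [], False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop comments
        if not line or line.startswith("$"):     # skip blanks and $TTL
            continue
        if in_parens:                            # inside a multi-line SOA
            in_parens = ")" not in line
            continue
        fields = line.split()
        i = 1                                    # skip optional TTL and class
        while i < len(fields) and (fields[i].isdigit() or fields[i].upper() == "IN"):
            i += 1
        if i >= len(fields):
            continue
        in_parens = "(" in line and ")" not in line
        records.append((absolute(fields[0], origin), fields[i].upper(), fields[i + 1:]))
    return records


def reverse_name_to_ip(owner):
    """'102.0.168.192.in-addr.arpa.' -> '192.168.0.102'"""
    suffix = ".in-addr.arpa."
    if not owner.endswith(suffix):
        raise ValueError(f"not an IPv4 reverse name: {owner}")
    return ".".join(reversed(owner[: -len(suffix)].split(".")))


def check_forward_reverse(fwd_text, rev_text):
    """List every A/PTR pair that does not confirm in both directions."""
    a_records, ptr_records = {}, {}
    for owner, rtype, rdata in parse_zone(fwd_text, FORWARD_ORIGIN):
        if rtype == "A":
            a_records.setdefault(owner, set()).add(rdata[0])
    for owner, rtype, rdata in parse_zone(rev_text, REVERSE_ORIGIN):
        if rtype == "PTR":
            target = absolute(rdata[0], REVERSE_ORIGIN)
            ptr_records.setdefault(reverse_name_to_ip(owner), set()).add(target)
    findings = []
    for ip, names in sorted(ptr_records.items()):
        for name in sorted(names):
            if ip not in a_records.get(name, set()):
                findings.append(f"PTR {ip} -> {name} has no matching A record")
    for name, ips in sorted(a_records.items()):
        for ip in sorted(ips):
            if name not in ptr_records.get(ip, set()):
                findings.append(f"A {name} -> {ip} has no matching PTR record")
    return findings


if __name__ == "__main__":
    # Constructed drift: the mail A record is moved to .102, the PTR is not.
    drifted = FORWARD_ZONE.replace("mail IN A 192.168.0.145", "mail IN A 192.168.0.102")
    for finding in check_forward_reverse(drifted, REVERSE_ZONE):
        print(finding)
```

The zone files as written pass this check; the drift case shows what is reported when one side is edited without the other.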


Verification of permissions: 


The owners and permissions for "/var/cache/bind" directory and its files should appear 
as follows: 


$ ls -la /var/cache/bind 

total 16 

drwxrwxr-x 2 root bind 4096 Jan 1 21:23 . 

drwxr-xr-x 23 root root 4096 Jan 1 16:00 .. 

-rw-r--r-- 1 bind bind 821 Jan 1 21:23 managed-keys.bind 
-rw-r--r-- 1 bind bind 1848 Jan 1 21:23 managed-keys.bind.jnl 


So to grant that, we do: 

$ sudo chown root:bind /var/cache/bind 

$ sudo chmod 775 /var/cache/bind 

$ sudo chown bind:bind /var/cache/bind/managed-keys.bind 
$ sudo chmod 644 /var/cache/bind/managed-keys.bind 

$ sudo chown bind:bind /var/cache/bind/managed-keys.bind.jnl 
$ sudo chmod 644 /var/cache/bind/managed-keys.bind.jnl 
Restart and reload our DNS server, 

$ sudo systemctl restart named 

$ sudo systemctl reload named 

Client side 


Now on the client side (Ubuntu in my case), modify the "/etc/resolv.conf" file to appear as 
follows: 


$ sudo nano /etc/resolv.conf 


search shareforshow1.com 
nameserver 192.168.0.102 
Some tests 


ubunt@meet:~$ nslookup ns1.shareforshow1.com 
Server: 192.168.0.102 
Address: 192.168.0.102#53 


Name: ns1.shareforshow1.com 
Address: 192.168.0.102 


ubunt@meet:~$ nslookup ftp.shareforshow1.com 
Server: 192.168.0.102 
Address: 192.168.0.102#53 


ftp.shareforshow1.com canonical name = www.shareforshow1.com. 
Name: www.shareforshow1.com 
Address: 192.168.0.102 


$ dig ns1.shareforshow1.com 
To map address to names (Simplified reverse lookups), type: 
$ dig -x 192.168.0.102 
Pinging: 

$ ping shareforshow1.com 

$ ping www.shareforshow1.com 
Troubleshoot 

To discover errors, type: 

$ sudo service named status 

$ sudo tail -f /var/log/syslog 

$ named -g 

$ journalctl -xe 


To resolve fetching DNSKEY set with message error “managed-keys-zone: Unable to 
fetch DNSKEY set '.': operation canceled”, type simply: 


$ sudo service named restart 
$ sudo service named reload 
Simple Installation and configuration of DHCP server 

DHCP server installed in Kali Linux (user:kalikal), which is the server itself, and has: 
=> A static IP: 192.168.0.102. 
=> Wi-Fi network interface: wlan0. 

Ubuntu (user:ubunt) is the Client for getting a dynamic IP address. 

Server 

Install the DHCP server: 

$ sudo apt-get update 

$ sudo apt-get install isc-dhcp-server 

To show the version, type: 


$ dhcpd --version 
isc-dhcpd-4.4.1 


When you start the DHCP server and get the following message, that means you need 
to configure your server, 


$ sudo service isc-dhcp-server start 
Job for isc-dhcp-server.service failed because the control process exited with error code. 
See "systemctl status isc-dhcp-server.service" and "journalctl -xe" for details. 


Edit a "/etc/default/isc-dhcp-server", as the following: 


$ sudo nano /etc/default/isc-dhcp-server 


INTERFACESv4="wlan0" 
INTERFACESv6="" 


Create a backup file of "/etc/dhcp/dhcpd.conf" 
$ sudo cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.backup 


Go to section with line "# This is a very basic subnet declaration." edit and uncomment 
it as following: 


$ sudo nano /etc/dhcp/dhcpd.conf 


subnet 192.168.0.0 netmask 255.255.255.0 { 
range 192.168.0.105 192.168.0.115; 
option routers 192.168.0.1; 
} 


If you want to configure Domain name servers according to our previous DNS server 
configuration, edit also in the same file the section “# option definitions common to all 
supported networks...” as following: 


# option definitions common to all supported networks... 
option domain-name "shareforshow1.com"; 
option domain-name-servers ns1.shareforshow1.com; 


And add to “/etc/hosts” file the following line: 


$ sudo nano /etc/hosts 


192.168.0.102 ns1.shareforshow1.com 


Then restart and reload the DNS server to ensure that everything is working well, 


$ sudo service named restart 
$ sudo service named reload 
$ sudo service named status 


Restart the DHCP server, 


$ sudo /etc/init.d/isc-dhcp-server restart 
$ sudo /etc/init.d/isc-dhcp-server status 


In case the traffic is blocked, you may need to open the port on the firewall for dhcp 
server, 


$ sudo ufw allow 67 
Client 


To configure the client to use a DHCP server on a network interface wlan0 of Kali Linux 
machine, type the following lines in "/etc/network/interfaces" file: 


$ sudo nano /etc/network/interfaces 
auto wlan0 
iface wlan0 inet dhcp 


$ sudo service network-manager restart ; If it does not work, type: 
$ sudo systemctl restart NetworkManager 

And you will get a dynamic IP address within the range specified for the DHCP server. 
To check, type: 

$ ifconfig 


If it doesn’t generate a dynamic IP within the range, make sure that the DHCP server is 
disabled in your router's DHCP settings. 


If you cannot connect to the Internet, comment out the lines in the "/etc/resolv.conf" file, 
as in my case, so that the automatic DNS server IP is used; or comment out only the 
“nameserver 127.0.0.53” line; or add and use only the Google DNS server IP, for example, 
with or without “options edns0”, 


$ sudo nano /etc/resolv.conf 
#nameserver 127.0.0.53 
nameserver 8.8.8.8 
#options edns0 


Or if you configured the domain name server section to run according to our 
previous DNS server, then keep using it as defined before: 


$ sudo nano /etc/resolv.conf 
search shareforshow1.com 
nameserver 192.168.0.102 


To find out the DHCP server that's giving you the IP, type: 
$ sudo dhclient -d -nw wlan0 

Or: 

$ grep dhcp-server-identifier /var/lib/dhcp/dhclient.leases 


4.2.15 Mail server 


An electronic mail (email or e-mail) is a medium used by people to exchange 
messages through connected electronic devices. 


A mail server (or email server) is a computer system that sends and receives email 
over the network or the internet. The transportation of email is from a client to a server, 
a server to a server, and a server to a client. 
1. Alpine email client 


alpine ; An Alternatively Licensed Program for Internet News and Email. It is a screen- 
oriented message-handling tool. 


Install Alpine: 
$ sudo apt install alpine 
Alpine version: 


$ alpine -version 
Alpine 2.24 .. 


Alpine configuration file: 

$ cat ~/.pinerc 

Run the following command to see how system defaults have been set, 
$ alpine -conf 

Run Alpine: 

$ alpine 

Configure Alpine to use your gmail account: 

Select S (Setup) > L (collectionLists) > A (Add Cltn), then fill out such as following: 
Nickname : My_GMAIL 

Server : imap.gmail.com/ssl/user=user_name@gmail.com 

Path : mail/ 

You may determine port number as the following: 

Server : imap.gmail.com:993/ssl/user=user_name@gmail.com 

To save press Ctrl + X, and then: 

Select S (Setup) > C (Config) and fill out: 

User Domain = gmail.com 


SMTP Server (for sending) = 
smtp.gmail.com/novalidate-cert/user=user_name@gmail.com/ssl 
Inbox Path = {imap.gmail.com/novalidate-cert/ssl/user=user_name@gmail.com}INBOX 
Scroll down and fill out the following line: 

Customized Headers = From: your_name your_title <user_name@gmail.com> 

Save with: E (Exit Setup) > Y (for yes) 

If there is no problem with the certificates, leave out /novalidate-cert (which turns off 
certificate validation) and type the following instead of the previous configuration: 
SMTP Server (for sending) = smtp.gmail.com:587/tls/user=user_name@gmail.com 
Inbox Path = {imap.gmail.com:993/ssl/user=user_name@gmail.com}INBOX 

In order to authorize Alpine to access your email, Alpine needs two steps: 


Firstly, set less secure app access to ON in your gmail account 
(https://myaccount.google.com/ > Then go to Security): 


Allow less secure apps: ON 


From now on, you can fetch your emails (received emails) into Alpine. To send your 
email you must continue with the second step. 


As a second step, you must register Alpine with Google and create a client-id and 
client-secret, login to https://console.developers.google.com and create a project. 
Follow the following website to get them: 


http://alpine.x10host.com/alpine/alpine-info/misc/RegisteringAlpineinGmail.html 
After getting them (client-id and client-secret), back to Alpine and select 

S (SETUP) > U (xoaUth2) and paste them there: 

Client-Id = _paste_here_ 

Client-Secret = _paste_here_ 

Save with: E (Exit Setup) > Y (Yes) 


Now you can send and receive gmail emails via Alpine. Alpine is available for many 
operating systems, and because its configuration is stored in a plain text file, “.pinerc”, 
you can simply copy it to the desired device and it will work. 


2. Local mail server 


Our local mail server configuration features are as following: 
=> Machine 1: The server is Kali Linux with the user: kalikal and IP: 192.168.0.102. 


=> Machine 2: The client is Ubuntu Linux with the user: ubunt and IP: 192.168.0.101. 


=> We use our previous DNS server configuration with the domain name: 
shareforshow1.com. 


[Figure 38: Local Mail Server. The server runs the local DNS (Bind9), the SMTP server 
(Postfix; sending; port 25) and the IMAP server (Courier IMAP; fetching; ports 143, 993), 
and holds the mailboxes of User1 (user1@example.com), User2 (user2@example.com) ... 
Usern (usern@example.com), who send and receive emails between users; emails from the 
local and outside system are fetched using Courier IMAP. The clients reach the SMTP 
server with telnet, mail, ssmtp, thunderbird and alpine, and the IMAP server with telnet, 
thunderbird and alpine. The link between the Internet and the public DNS is marked with an X.] 
Client side 


From the client side (Ubuntu), we check the mail record after changing it from 
192.168.0.145 to 192.168.0.102 so that Kali Linux is used as the mail server, 
ubunt@meet:~$ dig mail.shareforshow1.com 
ubunt@meet:~$ dig mail.shareforshow1.com mx 


$ host -t mx shareforshow1.com 
shareforshow1.com mail is handled by 10 mail.shareforshow1.com. 


Server side 
Install Postfix 


Postfix is a free and open-source mail transfer agent (MTA) that relays (routes and 
delivers) email between entities. 


$ sudo apt update 
$ sudo apt install postfix 


Automatic Postfix Configuration: 
> Internet site: "Mail is sent and received directly using SMTP." 
> System mail name: kali 

To reconfigure the package Postfix, type: 

$ sudo dpkg-reconfigure postfix 


For the best recognition, you can change your hostname from kali to 
shareforshow1.com to show in terminal as following: 


kalikal@shareforshow1.com:~$ 
Postfix version: 


$ postconf mail_version 
mail_version = 3.5.6 


Check my Postfix configuration: 

All Postfix configuration files are stored in the "/etc/postfix" directory. 

To display all of your system’s Postfix configurations and their details, type: 
$ postconf 


Show only configuration parameters that have an explicit name=value setting in 
main.cf. 
$ postconf -n 

Start postfix: 

$ sudo systemctl status postfix 

$ sudo systemctl start postfix 

To see the status of a mail log file, type: 

$ sudo cat /var/log/mail.log 

Test if you can connect to your Postfix Server: 


kalikal@kali:~$ telnet localhost 25 
Trying ::1... 

Connected to localhost. 

Escape character is '^]'. 

220 kali ESMTP Postfix (Debian/GNU) 


To allow connections to the service, type: 
$ sudo ufw allow Postfix 
Test from client side: 


ubunt@meet:~$ telnet 192.168.0.102 25 
Trying 192.168.0.102... 

Connected to 192.168.0.102. 

Escape character is '^]'. 

220 kali ESMTP Postfix (Debian/GNU) 


Trying to send an email: 
With telnet client, the format for sending an email is: 


ehlo hostname ; To show the available options. Choose a name for your hostname, such as 
"meet" to make sure that’s from your host system. 


MAIL FROM: <sender_name@example.com> 
RCPT TO: <recipient_name@example.com> 
DATA 
Subject: your_subject 

Email Content. 
. ; Type dot "." and hit enter for sending the email. 
quit ; For exit 


ubunt@meet:~$ telnet mail.shareforshow1.com 25 
Trying 192.168.0.102... 

Connected to mail.shareforshow1.com. 
Escape character is '^]'. 

220 kali ESMTP Postfix (Debian/GNU) 
ehlo meet 

250-kali 

250-PIPELINING 

250-SIZE 10240000 

250-VRFY 

250-ETRN 

250-STARTTLS 
250-ENHANCEDSTATUSCODES 
250-8BITMIME 

250-DSN 

250-SMTPUTF8 

250 CHUNKING 

MAIL FROM: <admin@testing.com> 
250 2.1.0 Ok 

RCPT TO: <user@testing.com> 

454 4.7.1 <user@testing.com>: Relay access denied 
quit 

221 2.0.0 Bye 

Connection closed by foreign host. 


The last message, "Relay access denied", means in our case that the client machine 
does not belong to mynetworks. Hence, in the "/etc/postfix/main.cf" file we add 
192.168.0.0/24 to the line: 


mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.0.0/24 


And then, restart and reload the service: 


$ sudo systemctl restart postfix 
$ sudo systemctl reload postfix 


Finally we get to accomplish the task as the following: 


ubunt@meet:~$ telnet mail.shareforshow1.com 25 




RCPT TO: <user@testing.com> 

250 2.1.5 Ok 

DATA 

354 End data with <CR><LF>.<CR><LF> 
hello, 

It's just a test mail. 

Thank you. 


250 2.0.0 Ok: queued as DC497220157 
quit 

221 2.0.0 Bye 

Connection closed by a foreign host. 


Other example for sending mail from client side: 


ubunt@meet:~$ telnet mail.shareforshow1.com 25 
Trying 192.168.0.102... 

Connected to mail.shareforshow1.com. 

Escape character is '^]'. 

220 kali ESMTP Postfix (Debian/GNU) 

ehlo meet 


MAIL FROM: <admin@testing.com> 

250 2.1.0 Ok 

RCPT TO: <kalikal@shareforshow1.com> 
250 2.1.5 Ok 

DATA 

354 End data with <CR><LF>.<CR><LF> 
Hello user Kalikal, 

TESTING.. 


250 2.0.0 Ok: queued as 576132202D2 
quit 

221 2.0.0 Bye 

Connection closed by a foreign host. 


Thus, we have sent an email, and we see the message in the server side 
"/var/mail/username" (or "/var/spool/mail/username") user mail file, where "kalikal" is 
our username as the following: 


From admin@testing.com Sun Jan 10 11:26:21 2021 
Return-Path: <admin@testing.com> 
X-Original-To: kalikal@shareforshow1.com 
Delivered-To: kalikal@shareforshow1.com 
Received: from meet (unknown [192.168.0.101]) 
by kali (Postfix) with ESMTP id 576132202D2 
for <kalikal@shareforshow1.com>; Sun, 10 Jan 2021 11:25:54 -0500 (EST) 


Hello user Kalikal, 
TESTING.. 


When you have this error message "RCPT TO: <ubunt@shareforshow1.com> 

550 5.1.1 <ubunt@shareforshow1.com>: Recipient address rejected: User unknown in 
local recipient table 

Connection closed by a foreign host." 


Append to "/etc/postfix/main.cf" file: 
local_recipient_maps = 


If you saw errors messages in "/var/log/mail.log" file when you sent an email such as 
the following: 


"Jan 10 18:47:49 kali postfix/local[1223012]: warning: error looking up passwd info for 
ubunt: No such file or directory 
Jan 10 18:47:49 kali postfix/local[1223012]: A33182202D6: 


to=<ubunt@shareforshow1.com>, relay=local, delay=1507, delays=1507/0.09/0/0.04, 
dsn=4.0.0, status=deferred (user lookup error)" 


You can resolve it by removing sss from the “/etc/nsswitch.conf” file (make sure that this 
change does not affect other configuration) as follows: 


$ sudo nano /etc/nsswitch.conf 


passwd: files systemd 
group: files systemd 
shadow: files 


Or if you don't need sssd-client package, then remove it. 
Other example: 


After changing the hostname from "kali" to "mail.shareforshow1.com" in the 
"/etc/postfix/main.cf" file, the server name appears differently: 


ubunt@meet:~$ telnet mail.shareforshow1.com 25 
Trying 192.168.0.102... 

Connected to mail.shareforshow1.com. 

Escape character is '^]'. 

220 mail.shareforshow1.com ESMTP Postfix (Debian/GNU) 
ehlo ubunt 

250-mail.shareforshow1.com 

250-PIPELINING 


We can also test a sending mail with the following commands: 


$ echo "This is the body of the email" | mail -s "This is the subject line" kalikal@shareforshow1.com 


Or we can test it with the mail command, entering the Cc: (another email if you want), the 
Subject and the message, completing each with "Enter" and then sending with "Ctrl + D" 
(or typing "."). We will test sending a message to the previously created newuser user in 
the same system, 


kalikal@kali:~$ mail newuser@shareforshow1.com 
Cc: 

Subject: Testing 

Hello Newuser, 

It's a test msg 00 


Now we can check the received message in newuser by just typing mail and then 
choosing the message number to display. To quit, type: quit or exit, 


kalikal@kali:~$ sudo login newuser 

Password: 

newuser@kali:~$ mail 

Mail version 8.1.2 01/15/2001. Type ? for help. 
"/var/mail/newuser": 1 message 1 new 

>N 1 kalikal@sharefors Tue Jan 12 11:05 18/624 Testing 
& 

Message 1: 

From kalikal@shareforshow1.com Tue Jan 12 11:05:56 2021 
X-Original-To: newuser@shareforshow1.com 

To: newuser@shareforshow1.com 

Subject: Testing 

MIME-Version: 1.0 

Content-Type: text/plain; charset="UTF-8" 
Content-Transfer-Encoding: 8bit 
Date: Tue, 12 Jan 2021 11:05:55 -0500 (EST) 
From: kali kal <kalikal@shareforshow1.com> 


Hello Newuser, 
It's a test msg 00 


You can also send a mail from newuser to kalikal superuser as the following: 
newuser@kali:~$ mail kalikal@shareforshow1.com 

Forwarding system mail: 

It is configured by default. Otherwise edit: 


$ sudo nano /etc/aliases 
root: kalikal@shareforshow1.com 


For the change to take effect, run the following command: 
$ sudo newaliases 
You may now test that it works by sending an email to the root account using: 
$ echo "This is the body of the email" | mail -s "This is the subject line" root 
Till now we can: 
=> Send and receive emails in same local system using users. 


=> Send emails from an outside local system (from client side) to a mail server, 
getting emails for different local users. 


But we cannot send emails from the local system to the client system. To resolve this 
problem: 


We create user accounts (newuser already exists) on the server to use as email 
accounts. 


Install an IMAP server for fetching emails 
Server side 
Install the Courier IMAP server 


The Courier IMAP server (imapd) provides IMAP access to Maildir mailboxes. 
$ sudo apt-get install courier-imap 

And start imapd and courier-authdaemon (for IMAP authentication): 
kalikal@kali:~$ sudo imapd start 

(sudo /etc/init.d/courier-imap start) 

IMAPD version: 

You can find it with telnet request on port: 143 or 993 

Version: 4rev1 (IMAP4rev1) 

kalikal@kali:~$ sudo service courier-authdaemon start 

(sudo /etc/init.d/courier-authdaemon start) 

You can also configure courier-authdaemon to start on boot: 

kalikal@kali:~$ sudo systemctl enable courier-authdaemon 

Open the connections ports: 

$ sudo ufw allow 143 

And the port 993, when you need it: 

$ sudo ufw allow 993 

When you log in with telnet on port 143 and get an error message like this: 
"* BYE [ALERT] Fatal error: No such file or directory: No such file or directory" 


it is because the Courier IMAP server uses "maildirs" to store its mail, which requires you 
to create the directories manually and grant permissions on them as follows: 


$ sudo mkdir -p ~newuser/Maildir/{cur,new,tmp} 
$ sudo chown -R newuser:newuser ~newuser/Maildir 
$ sudo chmod -R 700 ~newuser/Maildir/ 


Now, you can login to IMAP server with your user and a password by writing: 
a login username password 
And for disconnecting, type: 


a logout 
kalikal@kali:~$ telnet localhost 143 

Trying ::1... 

Connected to localhost. 

Escape character is '^]'. 

* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE 
THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL 
ACL2=UNION STARTTLS ENABLE UTF8=ACCEPT] Courier-IMAP ready. Copyright 1998- 
2019 Double Precision, Inc. See COPYING for distribution information. 

a login newuser 963.tester 

a OK LOGIN Ok. 


Or, let the system create them for you automatically by configuring Postfix to use 
Maildir-style mailboxes: 


$ sudo postconf -e "home_mailbox = Maildir/" 
$ sudo /etc/init.d/postfix restart 
$ sudo /etc/init.d/postfix reload 


And when you send an email to the user account, the system creates the "Maildir" 
directory and its subdirectories in the "/home/username" directory. 


To check the new directory mails in "newuser" user, type: 


$ su - newuser 
$ MAIL=/home/newuser/Maildir 
$ mail 


We create another user ubunt-mails to be referred to its mails for Ubuntu machine 
client (user:ubunt) 


$ sudo useradd -m -s /bin/bash ubunt-mails 
$ sudo passwd ubunt-mails 


After sending an email to this account (ubunt-mails@shareforshow1.com), we login 
and see what we have for emails, 


$ su - ubunt-mails 
$ MAIL=/home/ubunt-mails/Maildir 
$ mail 


Here, in the "/home/username/mbox" file, we find saved messages. 
It seems that all things are configured correctly. 


To check the authentication and verify if a user can connect through imap, type: 
$ sudo authtest ubunt-mails 


Now go back to user "ubunt" for Ubuntu machine or whichever user and run telnet for 
IMAP server, 


$ telnet mail.shareforshow1.com 143 

Login with your username (ubunt-mails) and the password (963.ubunt): 
a login ubunt-mails 963.ubunt 

Select the inbox: 


a SELECT Inbox 


* 1 EXISTS 
* 0 RECENT 


You see that 1 mail (number of received mails) exists in the INBOX of which 0 is new. 
To read mails that exist with a title (with giving a mail number), type: 

a fetch 1 all 

To read body of the message, type: 

a fetch 1 body[] 

To list the available folders, type: 

a LIST "" "*" 


To find out whether there are any items in the inbox and to list all existed mails with the 
title, type: 


a LIST "" "INBOX" 


a uid fetch 1:* (UID RFC822.SIZE FLAGS ENVELOPE BODY.PEEK[HEADER.FIELDS 
(REFERENCES)]) 


If there are 3 mails in the inbox and if you want to fetch only the last 2 mails, type: 


a uid fetch 2:* (UID RFC822.SIZE FLAGS ENVELOPE BODY.PEEK[HEADER.FIELDS 
(REFERENCES)]) 


To enter idle mode, type: 
a IDLE 

The capability command returns the list of extensions for Courier IMAP server, 
a capability 

For a logout: 

a LOGOUT 

Secure SMTP server 

To check if SMTP server is TLS enabled, type: 

$ openssl s_client -connect localhost:25 

To check whether STARTTLS (to use TLS encryption) is working, type: 
$ openssl s_client -connect localhost:25 -starttls smtp 

Or with telnet on port 25: 


$ telnet localhost 25 
ehlo test 


250-STARTTLS 


Now when you use command STARTTLS you get: 


STARTTLS 
220 2.0.0 Ready to start TLS 


Here, normally, the negotiation begins and your communication is secured, if you have a 
valid SSL/TLS certificate. If it is not working, you can send emails securely (with 
STARTTLS) using the ssmtp program or with the mail command, 


Install ssmtp: 

$ sudo apt-get install ssmtp 

Configuration of the ssmtp program: 

Into "/etc/ssmtp/ssmtp.conf" file, append the following text: 


$ sudo nano /etc/ssmtp/ssmtp.conf 
root=ubunt-mails@shareforshow1.com 
mailhub=mail.shareforshow1.com:25 
rewriteDomain=shareforshow1.com 
#AuthUser=username 
#AuthPass=password 
FromLineOverride=YES 

UseTLS=YES 

usestarttls=yes 


Run ssmtp with supplying the recipient email address, and provide the details of the 
message as follows: 


$ ssmtp kalikal@shareforshow1.com 
To: kalikal@shareforshow1.com 

From: ubunt-mails@shareforshow1.com 
Subject: Test Message 

My content test! 


Press Ctrl + D to send. 
You can also put the text in file and send it as follows: 
$ ssmtp kalikal@shareforshow1.com < mail_file.txt 


By default the SMTP server gives choices to plaintext or encrypted communication. To 
enforce sending encrypted mails over TLS, edit the "/etc/postfix/main.cf" file in the 
following two parameters from "may: Opportunistic TLS" to "encrypt: Mandatory TLS 
encryption": 


smtpd_tls_security_level=encrypt 
smtp_tls_security_level=encrypt 


Save the file, restart and reload Postfix server. 
My postfix configuration file in "/etc/postfix/main.cf": 


kalikal@kali:~$ postconf -n 
alias_database = hash:/etc/aliases 
alias_maps = hash:/etc/aliases 
append_dot_mydomain = no 

biff = no 

compatibility_level = 2 
home_mailbox = Maildir/ 
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inet_interfaces = all 

inet_protocols = all 

local_recipient_maps = 

mailbox_size_limit = 0 

mydestination = $myhostname, shareforshow1.com, kali, localhost.localdomain, localhost 
myhostname = mail.shareforshow1l.com 

mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.0.0/24 
myorigin = /etc/mailname 

readme_directory = no 

recipient_delimiter = + 

relayhost = 

smtp_tls_CApath = /etc/ssl/certs 

smtp_tls_security_level = may 

smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level = may 
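
The listing above still shows both TLS levels at "may" and the snakeoil certificate, so it is worth checking `postconf -n` output after editing main.cf. The script below is an added example, not code from this book; the function names and the second sample's certificate path are assumptions, and both samples are constructed from the listing above.

```bash
#!/bin/sh
# Added example: audit `postconf -n` output for the two TLS levels discussed
# above. Prints one finding per line; returns 1 if anything is not OK.
audit_postfix_tls() {
    awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function has(list, v) { return index(" " list " ", " " v " ") > 0 }
    function level(name, opportunistic, mandatory,    v) {
        v = (name in conf) ? conf[name] : ""
        if (has(mandatory, v)) {
            print "OK   " name "=" v
        } else if (has(opportunistic, v)) {
            print "WARN " name "=" v ": opportunistic, plaintext fallback allowed"; bad = 1
        } else if (v == "" || v == "none") {
            print "FAIL " name "=" (v == "" ? "(unset)" : v) ": no TLS level in force"; bad = 1
        } else {
            print "FAIL " name "=" v ": not a level this check knows"; bad = 1
        }
    }
    /^[ \t]*#/ { next }
    {
        eq = index($0, "=")
        if (eq > 0) conf[trim(substr($0, 1, eq - 1))] = trim(substr($0, eq + 1))
    }
    END {
        # smtpd_* covers inbound sessions, smtp_* covers outbound delivery.
        level("smtpd_tls_security_level", "may", "encrypt")
        level("smtp_tls_security_level", "may dane",
              "encrypt dane-only fingerprint verify secure")
        if (conf["smtpd_tls_cert_file"] ~ /snakeoil/) {
            print "WARN smtpd_tls_cert_file: self-signed snakeoil certificate"; bad = 1
        }
        exit bad + 0
    }'
}

# Constructed from the postconf -n listing on this page.
page_postconf() {
    cat <<'EOF'
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_security_level = may
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level = may
EOF
}

# Constructed: the same server after the change the text describes, with a
# hypothetical CA-issued certificate path.
enforced_postconf() {
    cat <<'EOF'
smtp_tls_security_level = encrypt
smtpd_tls_cert_file = /etc/ssl/certs/mail.example.pem
smtpd_tls_security_level = encrypt
EOF
}

page_postconf | audit_postfix_tls || echo "=> the listing still allows plaintext"
```

Postfix's documentation reserves smtpd_tls_security_level=encrypt for dedicated servers, because RFC 2487 says a publicly referenced SMTP server must not require TLS. On an Internet-facing MX, treat the smtpd WARN as a decision to record rather than a value to flip.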


Secure IMAP server 


The default user and group for Courier MTA have been changed to courier:courier
(user:group). Check the permissions and file owners for the following files:


=> /var/lib/courier 

=> /etc/courier 
If the file owners are wrong, set them as follows:
$ sudo chown -R courier:courier /var/lib/courier 
$ sudo chown -R courier:courier /etc/courier/ 
To check if IMAP server is TLS enabled, type: 
$ openssl s_client -connect localhost:143 
Or: 


$ telnet localhost 143 


a STARTTLS
a OK Begin SSL/TLS negotiation now.


At this point you can normally communicate securely, provided you have a valid SSL/TLS
certificate. Otherwise:


Check if STARTTLS works with: 

$ openssl s_client -connect localhost:143 -starttls imap 

If not, install Courier IMAP SSL certificate: 

Edit the lines in the following file: 

$ sudo nano /etc/courier/imapd.cnf 

cn = "shareforshow1.com" 

email = "kalikal@shareforshow1.com" 

We know that the default location for this certificate is "/etc/courier/imapd.pem". 
Then apply: 


$ sudo rm -f /etc/courier/imapd.pem 

$ sudo cp /etc/courier/imapd.pem.pem /etc/courier/imapd.pem.pem.backup 
$ sudo rm -f /etc/courier/imapd.pem.pem 

$ sudo mkimapdcert 


Or, instead of the last line, reconfigure Courier IMAP with: 
$ sudo dpkg-reconfigure courier-imap 
And then: 


$ sudo cp /etc/courier/imapd.pem.pem /etc/courier/imapd.pem 
$ sudo chown courier:courier /etc/courier/imapd.pem 


Edit the following lines as shown:
$ sudo nano /etc/courier/imapd-ssl 
IMAPDSSLSTART=NO 
IMAPDSTARTTLS=YES 
IMAP_TLS_REQUIRED=1 
TLS_PROTOCOL=TLS1.2

Set IMAP_TLS_REQUIRED to 0 if you do not REQUIRE STARTTLS for everyone.
The location of the self-signed certificate is here: "/etc/ssl/certs/ca-certificates.crt" 
Check the owners and restart the servers: 


$ sudo /etc/init.d/courier-imap restart 
$ sudo /etc/init.d/courier-authdaemon restart 
$ sudo /etc/init.d/courier-imap-ssl restart 


Now, check again if the certificate works: 
$ openssl s_client -connect localhost:143 -starttls imap 
To get the sha1 fingerprint, type:


$ sudo openssl x509 -in /etc/courier/imapd.pem -noout -fingerprint -sha1 
SHA1 Fingerprint=0B:8A:91:DD:8E:D8:A6:73:F6:A5:FC:AF:FA:92:1B:50:FD:F5:15:51


To get the sha256 fingerprint, type: 


$ sudo openssl x509 -in /etc/courier/imapd.pem -noout -fingerprint -sha256 

SHA256 Fingerprint=FB:3A:81:F1:41:C7:B8:B7:46:DB:CB:C2:78:6E:14:5B:B2:0B:57:F7:14:6B:0E:2B:C4:F0:A6:AC:19:17:FD:60


To show the certificate, type: 
$ sudo openssl x509 -in /etc/courier/imapd.pem -noout -text 


Now you can use and configure Thunderbird application to fetch your mail securely 
using STARTTLS. 


Show the certificate on port 993: 
$ openssl s_client -connect localhost:993 -crlf 


You can also communicate securely with your IMAP server over this connection to fetch
emails, as with telnet.


The Method to generate a certificate 


The simplest way to generate a private key (localhost.key) and a self-signed certificate
(localhost.crt) for localhost (or your_domain_name: shareforshow1.com) is with this
openssl command:


$ openssl req -x509 -out localhost.crt -keyout localhost.key \
-newkey rsa:2048 -nodes -sha256 \
-subj '/CN=localhost' -extensions EXT -config <( \
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")


Although we have been able to use the mail server safely to send and receive emails,
the server needs more configuration before real use, such as SMTP authentication and
restricting which IP addresses are authorized to use the server. In addition, configure
public DNS and use a valid certificate from a known authority on the Internet.

4.2.16 Web-based system administration 

Install and run Webmin 


Webmin is a web-based interface for system administration for Unix/Linux. 


$ echo "deb https://download.webmin.com/download/repository sarge contrib" | sudo tee /etc/apt/sources.list.d/webmin.list


$ wget https://download.webmin.com/jcameron-key.asc 
$ sudo apt-key add jcameron-key.asc 

$ sudo apt-get install apt-transport-https 

$ sudo apt-get update 

$ sudo apt-get install webmin 

$ sudo service webmin status 


Log in with the username and password of your Linux system by pointing a browser at
your private IP address or hostname on port 10000 over https, as follows:


$ links https://192.168.0.102:10000 


Or with Firefox using hostname: 


$ firefox https://kali:10000

4.2.17 Sharing files

Environment Integration between Linux-Windows 
1. Windows as files server 

Check out the shared files in Windows administration. 
Mounting Windows shares using CIFS from Linux:


(To install cifs "common internet file system" utilities package, type: sudo apt install 
cifs-utils) 


$ sudo mkdir /mnt/Windows10


$ sudo mount -t cifs //192.168.0.103/test_net -o user=wind-proof /mnt/Windows10 
Password for wind-proof@//192.168.0.103/test_net: ********


Where “192.168.0.103” is the IP address of Windows 10 OS. 

2. Linux as files server including share of printers 

$ sudo systemctl start smbd 

(To install the samba server, type: sudo apt install samba) 

Edit the "smb.conf" file and add the following lines above the [printers] section,
$ sudo nano /etc/samba/smb.conf 


[kalikal-shared-files] 

comment = kalikal shared files 

path = /home/kalikal/Linux_shared_files 
read only = no 

public = yes 

guest ok = yes 

browseable = yes 

valid users = kalikal 


Save the file and create samba password for the user: kalikal, 
$ sudo smbpasswd -a kalikal 

Restart samba server, 

$ sudo systemctl restart smbd 


Open the network ports on the firewall for connecting to the samba server,
$ sudo ufw allow 139

And/Or: 

$ sudo ufw allow 445 

Go to Windows (file explorer) and browse shared files with: 
\\Linux_IP_address 


Example: For our server, the IP address is: 192.168.0.102, and for accessing, type the 
username and the password. 


This configuration shows both the shared files and the Linux home directory
(“/home/kalikal”, read-only), which Samba provides automatically. To prevent the samba
server from providing the home directory, comment out the following parameters in "smb.conf":


#[homes] 
# comment = Home Directories 
#  browseable = no 
# read only = yes 
# create mask = 0700 
# directory mask = 0700 
# valid users = %S 
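
The share defined above sets "public", "guest ok", "read only = no" and "valid users" together, which is worth catching before the server goes live. The script below is an added example, not code from this book; its function names are assumptions and both samples are constructed (the first from the share definition on this page).

```bash
#!/bin/sh
# Added example: flag smb.conf shares that combine guest access with write
# access, or that mix guest access with "valid users".
# Reads smb.conf text on stdin; returns 1 if any finding was printed.
audit_smb_shares() {
    awk '
    function on(v)  { v = tolower(v); return (v == "yes" || v == "true" || v == "1") }
    function off(v) { v = tolower(v); return (v == "no" || v == "false" || v == "0") }
    function emit(    guest, writable) {
        if (share == "" || share == "global") return
        # "public" is a synonym of "guest ok".
        guest = on(p["guestok"]) || on(p["public"])
        # Shares are read-only unless one of these says otherwise.
        writable = off(p["readonly"]) || on(p["writable"]) ||
                   on(p["writeable"]) || on(p["writeok"])
        if (guest && writable) {
            print "FAIL [" share "]: guest access on a writable share"; bad++
        } else if (guest) {
            print "WARN [" share "]: guest access enabled"; bad++
        }
        if (guest && p["validusers"] != "") {
            print "WARN [" share "]: guest ok and valid users both set, intent is ambiguous"; bad++
        }
    }
    /^[ \t]*#/ || /^[ \t]*;/ || /^[ \t]*$/ { next }
    /^[ \t]*\[/ {
        emit()
        share = $0; sub(/^[ \t]*\[/, "", share); sub(/\].*$/, "", share)
        share = tolower(share); split("", p); next
    }
    {
        eq = index($0, "=")
        if (eq == 0) next
        # Case and whitespace inside parameter names are not significant.
        k = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", k)
        v = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", v)
        p[k] = v
    }
    END { emit(); exit (bad > 0) }'
}

# Constructed from the share definition on this page.
page_share() {
    cat <<'EOF'
[kalikal-shared-files]
comment = kalikal shared files
path = /home/kalikal/Linux_shared_files
read only = no
public = yes
guest ok = yes
browseable = yes
valid users = kalikal
EOF
}

# Constructed: the same share with guest access turned off.
authenticated_share() {
    cat <<'EOF'
[kalikal-shared-files]
path = /home/kalikal/Linux_shared_files
read only = no
guest ok = no
valid users = kalikal
EOF
}

page_share | audit_smb_shares || echo "=> decide between guest and authenticated access"
```

On a real server, pipe `testparm -s` into the function instead of the raw file so that included files are resolved first.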
Environment Integration between Linux-Linux 
IP addresses and hosts for our examples: 
=> Client : kalikal (192.168.0.102). 
=> Server: ubunt (192.168.0.101). 


1. Shared directory with permissions 


The following demonstration is a simple way to share a directory. We will create a 
shared directory between two Local Users in Linux (Ubuntu), 


1- Create shared directory: 


$ sudo mkdir /home/shared-dir

2- Create users:


$ sudo useradd user1 
$ sudo passwd user1 


$ sudo useradd user2 
$ sudo passwd user2 


3- Create common group: 

$ sudo groupadd project1 

4- Change group for shared directory: 

$ sudo chgrp project1 /home/shared-dir 

5- Change appropriate permissions for the shared directory: 
$ sudo chmod 770 /home/shared-dir/ 


Here, the others (users) have no permissions, so only user1, user2 and of course the
root user can read, write, and execute the content of the shared directory.


6- Set the SGID (Set-Group-ID) bit for the shared directory 
$ sudo chmod +s /home/shared-dir 


Here, all newly created subdirectories/files under shared-dir will inherit shared-dir 
permissions. 


7- Finally, Add users to the common group with whom to share the directory: 
$ sudo usermod -a -G project1 user1 

$ sudo usermod -a -G project1 user2 

Test from other machine “Kali Linux”: 

1- Connect to user1: 


$ ssh user1@192.168.0.101 


$ ls /home
file shared-dir ubunt 


$ ls /home/shared-dir
$ cd /home/shared-dir


$ touch test.txt
$ echo 'hello' > test.txt


$ ls /home/shared-dir 
test.txt 


2- Create another user to see whether it can access the directory or not:
$ sudo useradd user3 

$ sudo passwd user3 

And after connecting as user3, we test:


$ ssh user3@192.168.0.101


$ ls /home
file shared-dir ubunt


$ ls /home/shared-dir
ls: cannot open directory '/home/shared-dir': Permission denied


$ cd /home/shared-dir
-sh: 6: cd: can't cd to /home/shared-dir


It’s clear here that you can also connect from another machine like Windows to use the 
shared directory. 
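
A local check for the directory built in steps 1 to 7, as an added example that is not code from this book: it verifies the group, the setgid bit and the absence of access for others, and shows in a scratch directory what setgid actually propagates. The function names are assumptions, and GNU `stat -c` (as shipped on Ubuntu and Kali) is assumed.

```bash
#!/bin/sh
# Added example: verify a group-shared directory such as /home/shared-dir.
# check_shared_dir DIR GROUP -> prints findings, returns 0 only if none FAIL.
# On the server from this section: check_shared_dir /home/shared-dir project1
check_shared_dir() {
    dir=$1; want=$2; rc=0
    if [ ! -d "$dir" ]; then
        echo "FAIL $dir: not a directory"; return 2
    fi
    mode=$(stat -c '%a' "$dir")     # octal, special bits included (e.g. 2770)
    group=$(stat -c '%G' "$dir")
    if [ "$group" != "$want" ]; then
        echo "FAIL $dir: group is $group, expected $want"; rc=1
    fi
    # setgid makes new entries take the directory's group. It does not copy
    # permission bits: those still come from each creator's umask.
    if [ ! -g "$dir" ]; then
        echo "FAIL $dir: setgid bit missing, new files keep the creator's primary group"; rc=1
    fi
    # "chmod +s" sets setuid as well, which Linux ignores on directories.
    if [ -u "$dir" ]; then
        echo "INFO $dir: setuid bit also set; chmod g+s sets only the bit that matters"
    fi
    case $mode in
        *[1-7]) echo "FAIL $dir: mode $mode gives access to others"; rc=1 ;;
    esac
    if [ "$rc" -eq 0 ]; then
        echo "OK   $dir: mode $mode, group $group"
    fi
    return "$rc"
}

# Demonstration in a scratch directory (no root needed): entries created
# inside a setgid directory take its group, and subdirectories also take
# the setgid bit, so the behaviour continues down the tree.
demo_setgid_inheritance() {
    tmp=$(mktemp -d) || return 2
    chmod 2770 "$tmp"
    mkdir "$tmp/sub"
    : > "$tmp/file"
    result=not-inherited
    if [ -g "$tmp/sub" ] &&
       [ "$(stat -c '%G' "$tmp/sub")" = "$(stat -c '%G' "$tmp")" ] &&
       [ "$(stat -c '%G' "$tmp/file")" = "$(stat -c '%G' "$tmp")" ]; then
        result=inherited
    fi
    rm -rf "$tmp"
    echo "$result"
}

demo_setgid_inheritance
```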


2. NFSv4 

To install packages in client (NFSv4 client), type: 
$ sudo apt-get install nfs-common 

To install packages in server (NFSv4 server), type: 


$ sudo apt-get install nfs-kernel-server

1- NFSv4 without Kerberos

First example 

In server 

$ sudo mkdir /shared_files 

$ sudo mkdir /shared_files/users 

To mount the real home directory (for all existing users) to be shared, type: 

$ sudo mount --bind /home /shared_files/users 

To make the bind mount persistent, without retyping it each time, we add the following line
to the "/etc/fstab" file,
$ sudo nano /etc/fstab

/home /shared_files/users none bind 0 0


Choose whether to start the SVCGSSD daemon (yes/no); it is only required for
Kerberos-secured exports:


$ sudo nano /etc/default/nfs-kernel-server 
NEED_SVCGSSD="no" 


To export our directories to a local network 192.168.0.1/24, add the following lines to
"/etc/exports",


$ sudo nano /etc/exports 


/shared_files 192.168.0.1/24(rw,fsid=0,no_subtree_check,sync)
/shared_files/users 192.168.0.1/24(rw,nohide,insecure,no_subtree_check,sync) 


Restart NFS server, 


$ sudo service nfs-kernel-server restart 

You may also need to restart idmapd: 

$ sudo service nfs-idmapd restart 

Open the port on firewall for connecting NFS server. 


$ sudo ufw allow 2049/tcp

In client:

To mount the complete export tree, type: 

$ sudo mount -t nfs4 -o proto=tcp,port=2049 192.168.0.101:/ /mnt
(sudo mount -t nfs4 -o proto=tcp,port=2049 nfs-server:/ /mnt) 
To mount the export subtree, type: 

$ sudo mkdir /home/users 

$ sudo mount -t nfs4 -o proto=tcp,port=2049 192.168.0.101:/users /home/users 
For persistence, add in "/etc/fstab" file, the following line: 

$ sudo nano /etc/fstab 

192.168.0.101:/ /mnt nfs4 _netdev,auto 0 0 

The second example 


Another example with two shared folders: "private_shared_files" is shared read-write
with one specific client IP address, 192.168.0.102, and "public_shared_files" is shared
read-only with everyone.


In server 

$ sudo mkdir /private_shared_files 

$ sudo mkdir /public_shared_files 

$ sudo chmod 777 /private_shared_files 
$ sudo chmod 755 /public_shared_files 
$ sudo nano /etc/exports 


/private_shared_files 192.168.0.102(rw,sync,no_subtree_check) 
/public_shared_files *(ro,sync,no_subtree_check) 


To re-export (-r) all (-a) the NFS shares, type: 
$ sudo exportfs -arvf 


-f ; If /proc/fs/nfsd or /proc/fs/nfs is mounted, flush everything out of the kernel's export table.
-v ; Be verbose.

Restart and enable the service,

$ sudo systemctl restart nfs-kernel-server

$ sudo systemctl enable nfs-kernel-server

In client 

To display the export list on the server (192.168.0.101), type: 
$ showmount -e 192.168.0.101 

showmount ; Show mount information for an NFS server. 
Create two folders in directory "/mnt" to mount on, 

$ sudo mkdir /mnt/private_shared_files 

$ sudo mkdir /mnt/public_shared_files 

Now mount and use the shared folders,

$ sudo mount -t nfs 192.168.0.101:/private_shared_files /mnt/private_shared_files 
$ sudo mount -t nfs 192.168.0.101:/public_shared_files /mnt/public_shared_files 
To check whether the file server is mounted, type: 

$ mount 

To explore, type: 

$ cd /mnt/private_shared_files 

Or for the other: 

$ cd /mnt/public_shared_files 

To unmount it: 

$ cd ..


$ sudo umount /mnt/private_shared_files

2- NFSv4 with Kerberos:


Kerberos is a network authentication protocol providing a strong authentication 
between client and server using a trusted third party. 


First we install and configure a Kerberos server in general, and configure a client.
Then we configure the NFS setup from the first of the previous examples with Kerberos.


For this, we will create an MIT Kerberos domain (MIT Kerberos is also the name of the
application that provides an easy interface to the Kerberos protocol) with the following
features:


=> Realm: shareforshow.com (local domain) 

=> KDC (Key Distribution Center) : ubunt.shareforshow.com (192.168.0.101) 
=> User principal: ubunt 

=> Admin principal: ubunt/admin 


In this example we have three entities, the Kerberos server (KDC), the NFS server and
the NFS client, installed on two machines. The NFS client is on the Kali Linux machine,
and the Kerberos server and the NFS server are on the same Ubuntu machine, although it is
better to put these last two servers on separate machines.


In server 

$ sudo apt install krb5-kdc krb5-admin-server 

Editing the hostname for the Kerberos and Admin servers: 
Domain or default_realm : SHAREFORSHOW.COM 

kdc : ubunt.shareforshow.com 

admin_server : ubunt.shareforshow.com 


$ sudo krb5_newrealm 

This script should be run on the master KDC/admin server to initialize 
a Kerberos realm. It will ask you to type in a master key password. 
This password will be used to generate a key that is stored in 
/etc/krb5kdc/stash. You should try to remember this password, but it 

is much more important that it is a strong password than that it is 
remembered. However, if you lose the password and /etc/krb5kdc/stash, 




you cannot decrypt your Kerberos database. 

Loading random data 

Initializing database '/var/lib/krb5kdc/principal' for realm 'SHAREFORSHOW.COM', 
master key name 'K/M@SHAREFORSHOW.COM' 

You will be prompted for the database Master Password. 

It is important that you DON’T FORGET this password. 

Enter KDC database master key: 


The questions asked during installation are used to configure the
“/etc/krb5.conf” and “/etc/krb5kdc/kdc.conf” files.


If you need to adjust the KDC settings simply edit the file and restart the krb5-kdc 
daemon with: 


$ sudo service krb5-kdc restart


If you need to reconfigure Kerberos from scratch, perhaps to change the realm name,
you can do so by typing:


$ sudo dpkg-reconfigure krb5-kdc 
More information about the manpage of “krb5.conf” is in the “krb5-doc” package. 
Create the admin principal (admin user): 


$ sudo kadmin.local 

Authenticating as principal root/admin@SHAREFORSHOW.COM with password.
kadmin.local: addprinc ubunt/admin 

WARNING: no policy specified for ubunt/admin@SHAREFORSHOW.COM; defaulting to no policy

Enter password for principal "ubunt/admin@SHAREFORSHOW.COM": 

Re-enter password for principal "ubunt/admin@SHAREFORSHOW.COM": 

Principal "ubunt/admin@SHAREFORSHOW.COM" created. 

kadmin.local: quit 


Then, the new admin user needs to have the appropriate Access Control List (ACL)
permissions. The permissions are configured in the “/etc/krb5kdc/kadm5.acl” file:


$ sudo nano /etc/krb5kdc/kadm5.acl
ubunt/admin@SHAREFORSHOW.COM *


Now restart the krb5-admin-server for the new ACL to take effect:
$ sudo systemctl restart krb5-admin-server.service

Configure the name resolution, 

$ sudo nano /etc/hosts 

192.168.0.101 ubunt.shareforshow.com ubunt 

192.168.0.102  kalikal.shareforshow.com kalikal 

The new user principal can be tested using the kinit utility:
$ kinit ubunt/admin 

Password for ubunt/admin@SHAREFORSHOW.COM: 

After entering the password, use the klist utility to view information about the Ticket 
Granting Ticket (TGT): 

$ klist 

Ticket cache: FILE:/tmp/krb5cc_1000 

Default principal: ubunt/admin@SHAREFORSHOW.COM 
Valid starting       Expires              Service principal
2020-12-22 09:33:26  2020-12-22 19:33:26  krbtgt/SHAREFORSHOW.COM@SHAREFORSHOW.COM
        renew until 2020-12-23 09:33:09


Where the cache filename krb5cc_1000 is composed of the prefix krb5cc_ and the 
user id (uid), which in this case is 1000. 


kinit will inspect “/etc/krb5.conf” to find out which KDC to contact, and its address. The 
KDC can also be found via DNS lookups for special TXT and SRV records. You can 
add these records to your shareforshow.com DNS zone: 


_kerberos._udp.SHAREFORSHOW.COM. IN SRV 1 0 88 ubunt.shareforshow.com.
_kerberos._tcp.SHAREFORSHOW.COM. IN SRV 1 0 88 ubunt.shareforshow.com.
_kerberos-adm._tcp.SHAREFORSHOW.COM. IN SRV 1 0 749 ubunt.shareforshow.com.
_kpasswd._udp.SHAREFORSHOW.COM. IN SRV 1 0 464 ubunt.shareforshow.com.

A very quick and useful way to troubleshoot what kinit is doing is to set the
environment variable KRB5_TRACE to a file, or stderr, and it will show extra
information.


$ sudo KRB5_TRACE=/dev/stderr kinit ubunt/admin 

Your new Kerberos Realm is now ready to authenticate clients. 

($ sudo systemctl status krb5-kdc.service) 

In client 

$ sudo apt install krb5-user sssd-krb5 

(In Kali Linux: if there is an issue with mitmproxy, just remove it and install it again later.)
You will be prompted to enter the addresses of your KDCs and admin servers. 
The default_realm is SHAREFORSHOW.COM 

Request of “KDC hostnames”: 

ubunt.shareforshow.com 

(If there are other KDCs, list them separated by spaces)

And request of “Admin server”: 

ubunt.shareforshow.com 

You can reconfigure the package to fill in the properties again: 

$ sudo dpkg-reconfigure krb5-config 

Or by editing “/etc/krb5.conf” with: 

$ sudo nano /etc/krb5.conf 

Add the following line to “hosts” file for name resolution: 

$ sudo nano /etc/hosts 


192.168.0.102  kalikal.shareforshow.com kalikal 
192.168.0.101 ubunt.shareforshow.com ubunt 


Back on the server, open the KDC ports on the firewall (kdc_ports : 750,88):


$ sudo ufw allow 88/tcp 
$ sudo ufw allow 88/udp
$ sudo ufw allow 750/tcp
$ sudo ufw allow 750/udp 


Now you can test in client, the kerberos configuration by requesting a ticket using the 
kinit utility. For example: 


$ kinit ubunt/admin@SHAREFORSHOW.COM 


(If it doesn't work, simply copy the file "/etc/krb5.conf" from the server to the client,
in the same location and with the same file permissions.)


Let’s also create a non-admin principal for ubunt, 

But first, we open the firewall ports of the kadmind daemon on the server,
$ sudo netstat -pln | grep kadmin ; To display the tcp/udp port connections.

$ sudo ufw allow 749/tcp 


$ sudo ufw allow 464/tcp 
$ sudo ufw allow 464/udp 


Then, 


$ kadmin -q "addprinc ubunt" 

Authenticating as principal ubunt/admin@SHAREFORSHOW.COM with password. 
Password for ubunt/admin@SHAREFORSHOW.COM: 

No policy specified for ubunt@SHAREFORSHOW.COM; defaulting to no policy
Enter password for principal "ubunt@SHAREFORSHOW.COM": 

Re-enter password for principal "ubunt@SHAREFORSHOW.COM": 

Principal "ubunt@SHAREFORSHOW.COM" created.


Finally, the remaining configuration now is for sssd (System Security Services 
Daemon). Create the file "/etc/sssd/sssd.conf" with the following content: 


$ sudo nano /etc/sssd/sssd.conf 
[sssd] 

config_file_version = 2 
services = pam 

domains = shareforshow.com 


[pam] 


[domain/shareforshow.com] 
id_provider = proxy
proxy_lib_name = files

auth_provider = krb5 

krb5_server = ubunt.shareforshow.com 
krb5_kpasswd = ubunt.shareforshow.com 
krb5_realm = SHAREFORSHOW.COM 


The configuration above will use kerberos for authentication (auth_provider), but will 
use the local system users for user and group information (id_provider). 


Adjust the permissions of the config file and start sssd: 
$ sudo chown root:root /etc/sssd/sssd.conf 

$ sudo chmod 0600 /etc/sssd/sssd.conf 

$ sudo systemctl start sssd 


If the user of a Kerberos principal “ubunt” already exists on the local system, try logging 
in using this name with: 


$ sudo login 

$ klist 

And you will have a Kerberos ticket. 

Now, the NFS with MIT kerberos, 

$ kinit ubunt/admin 

(kadmin -q "addprinc -randkey nfs/nfs-server.domain") 


$ kadmin -q "addprinc -randkey nfs/ubunt.shareforshow.com" 

Authenticating as principal ubunt/admin@SHAREFORSHOW.COM with password. 

Password for ubunt/admin@SHAREFORSHOW.COM: 

No policy specified for nfs/ubunt.shareforshow.com@SHAREFORSHOW.COM; defaulting to no policy

Principal "nfs/ubunt.shareforshow.com@SHAREFORSHOW.COM" created. 


(kadmin -q "addprinc -randkey nfs/nfs-client.domain")


$ kadmin -q "addprinc -randkey nfs/kalikal.shareforshow.com" 

Authenticating as principal ubunt/admin@SHAREFORSHOW.COM with password. 
Password for ubunt/admin@SHAREFORSHOW.COM: 

No policy specified for nfs/kalikal.shareforshow.com@SHAREFORSHOW.COM; defaulting to no policy

Principal "nfs/kalikal.shareforshow.com@SHAREFORSHOW.COM" created.


Now, add these to the keytab files on your NFS server and client. Log in to your
NFS server and initialize as Kerberos administrator.


(nfs-server# kadmin -p admin/admin -q "ktadd nfs/nfs-server.domain")


ubunt@meet:~$ sudo kadmin -p ubunt/admin -q "ktadd nfs/ubunt.shareforshow.com"

[sudo] password for ubunt: 

Authenticating as principal ubunt/admin with password. 

Password for ubunt/admin@SHAREFORSHOW.COM: 

Entry for principal nfs/ubunt.shareforshow.com with kvno 3, encryption type aes256-cts-hmac-sha1-96 added to keytab FILE:/etc/krb5.keytab.

Entry for principal nfs/ubunt.shareforshow.com with kvno 3, encryption type aes128-cts-hmac-sha1-96 added to keytab FILE:/etc/krb5.keytab.

And add it to the client's keytab file:
(nfs-client# kadmin -p admin/admin -q "ktadd nfs/nfs-client.domain")


kalikal@kali:~$ sudo kadmin -p ubunt/admin -q "ktadd nfs/kalikal.shareforshow.com"

[sudo] password for kalikal: 

Authenticating as principal ubunt/admin with password. 

Password for ubunt/admin@SHAREFORSHOW.COM: 

Entry for principal nfs/kalikal.shareforshow.com with kvno 3, encryption type aes256-cts-hmac-sha1-96 added to keytab FILE:/etc/krb5.keytab.

Entry for principal nfs/kalikal.shareforshow.com with kvno 3, encryption type aes128-cts-hmac-sha1-96 added to keytab FILE:/etc/krb5.keytab.


NFS Server with Kerberos: 
Check your machine credentials in /etc/krb5.keytab.


ubunt@meet:~$ sudo ktutil
ktutil: rkt /etc/krb5.keytab
ktutil: list
slot KVNO Principal
1 3 nfs/ubunt.shareforshow.com@SHAREFORSHOW.COM
2 3 nfs/ubunt.shareforshow.com@SHAREFORSHOW.COM
ktutil: exit

For more information, type:


ubunt@meet:~$ sudo klist -e -k /etc/krb5.keytab
Keytab name: FILE:/etc/krb5.keytab 
KVNO Principal 


3 nfs/ubunt.shareforshow.com@SHAREFORSHOW.COM (aes256-cts-hmac-sha1-96) 
3 nfs/ubunt.shareforshow.com@SHAREFORSHOW.COM (aes128-cts-hmac-sha1-96) 


Set NEED_SVCGSSD to "yes" in the following file: 


ubunt@meet:~$ sudo nano /etc/default/nfs-kernel-server


NEED_SVCGSSD=yes 


To export our directories from the example above to a local network 192.168.0.1/24,
we add the following lines to "/etc/exports",


$ sudo nano /etc/exports 


/shared_files 192.168.0.1/24(rw,no_subtree_check,sec=krb5,anongid=65534) 
/shared_files/users 192.168.0.1/24(rw,no_subtree_check,sec=krb5,anongid=65534) 


To display your exports, type: 

$ sudo exportfs -v 

Re-export (-r) all (-a) the NFS shares, 

$ sudo exportfs -arv 

Restart the service, 

$ sudo service nfs-kernel-server restart 

To verify the status of the gssd daemon, type: 
$ systemctl status rpc-gssd.service 

NFS Client with Kerberos 

To check your machine credentials in the “/etc/krb5.keytab” file, type:
kalikal@kali:~$ sudo ktutil

ktutil: rkt /etc/krb5.keytab
ktutil: list
slot KVNO Principal
1 3 nfs/kalikal.shareforshow.com@SHAREFORSHOW.COM
2 3 nfs/kalikal.shareforshow.com@SHAREFORSHOW.COM
ktutil: exit


Now, we can securely mount the complete export tree with: 
(mount -t nfs4 -o sec=krb5 nfs-server:/ /mnt) 

$ sudo mount -t nfs4 -o sec=krb5 ubunt:/ /mnt 

We can also securely mount an exported subtree with: 
(mount -t nfs4 -o sec=krb5 nfs-server:/users /home/users) 
$ sudo mount -t nfs4 -o sec=krb5 ubunt:/users /home/users 


Use the clientaddr option if your client is NATed, assuming your client public ip address
is x.y.w.z:


(mount -t nfs4 -o sec=krb5,clientaddr=x.y.w.z nfs-server:/users /home/users)
$ sudo mount -t nfs4 -o sec=krb5,clientaddr=a.b.c.d ubunt:/users /home/users 


You should note that you cannot make any changes on the shares (you can copy the files
to your system) and that all files are owned by nobody:nobody (owner:group). In this
case, the suggested solution is to create a group called nfs and add the nfsnobody
user to it, then change the permissions of the /shared_files directory and the
/shared_files/users subdirectory to 770 and their group owner to nfs. Thus, nfsnobody
(to which the client requests are mapped) will have write permissions on the share.


$ sudo groupadd nfs 

$ sudo usermod -a -G nfs nfsnobody 
$ sudo chmod 770 /shared_files 

$ sudo chmod 770 /shared_files/users 
$ sudo chgrp nfs /shared_files 

$ sudo chgrp nfs /shared_files/users 


Export the directories by editing the file as follows:
$ sudo nano /etc/exports


/shared_files 192.168.0.1/24(rw,sec=krb5,anongid=1004)
/shared_files/users 192.168.0.1/24(rw,sec=krb5,anongid=1004)


The value of anongid has been set to the GID of the nfs group that we have created
previously.


Re-export all the NFS shares: 

$ sudo exportfs -arv 

Restart and enable the NFS server and related services. 
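
The export lines used in the plain NFSv4 examples and in the Kerberos example differ in exactly the options that matter for access control, so a review pass over /etc/exports is useful before re-exporting. The script below is an added example, not code from this book, and it goes slightly beyond the page by also flagging no_root_squash and the space-before-parenthesis mistake; the function names and the /srv/demo line are assumptions, and the sample is constructed from the export lines in this section.

```bash
#!/bin/sh
# Added example: review /etc/exports entries for the options used in this
# section. Reads exports(5) text on stdin, prints one finding per line and
# returns 1 if any WARN or FAIL was reported.
# Limits: backslash line continuations and quoted paths are not handled.
audit_exports() {
    awk '
    function report(sev, msg) {
        print sev " " path " " host ": " msg
        if (sev != "INFO") bad = 1
    }
    function check(o,    rw) {
        rw = (index(o, ",rw,") > 0)
        if (host == "*") {
            if (rw) { report("FAIL", "writable by every client that can reach the server") }
            else    { report("WARN", "readable by every client that can reach the server") }
        }
        if (index(o, ",insecure,") > 0) {
            report("WARN", "insecure: requests from unprivileged source ports accepted")
        }
        if (index(o, ",no_root_squash,") > 0) {
            report("FAIL", "no_root_squash: client root acts as root on the export")
        }
        if (o !~ /,sec=/) {
            report("WARN", "no sec= option, so AUTH_SYS: the client states the UID and is believed")
        } else if (o ~ /,sec=krb5,/) {
            report("INFO", "sec=krb5 authenticates only; krb5i adds integrity, krb5p adds encryption")
        }
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            host = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                host = substr($i, 1, p - 1)
                opts = substr($i, p + 1); sub(/\)$/, "", opts)
            }
            # "(opts)" separated from the host by a space applies to everyone.
            if (host == "") host = "*"
            check("," opts ",")
        }
    }
    END { exit bad + 0 }'
}

# Constructed from the export lines in this section, plus one constructed
# line (/srv/demo) showing the space-before-parenthesis mistake.
page_exports() {
    cat <<'EOF'
# first example
/shared_files 192.168.0.1/24(rw,fsid=0,no_subtree_check,sync)
/shared_files/users 192.168.0.1/24(rw,nohide,insecure,no_subtree_check,sync)
# second example
/private_shared_files 192.168.0.102(rw,sync,no_subtree_check)
/public_shared_files *(ro,sync,no_subtree_check)
# Kerberos example
/shared_files 192.168.0.1/24(rw,no_subtree_check,sec=krb5,anongid=65534)
# constructed mistake
/srv/demo 192.168.0.102 (rw,sync)
EOF
}

page_exports | audit_exports || echo "=> review the WARN and FAIL lines above"
```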

3. Sharing files using web server 

In server machine 

Installing on Kali Linux, which has the IP address 192.168.0.102.
1- Using Apache2 web server


$ sudo apt install apache2 

$ sudo service apache2 start

$ cd /var/www/html

$ sudo mkdir dir_files

$ sudo touch dir_files/share1.txt dir_files/share2.txt


$ links http://127.0.0.1/dir_files 


Or with Firefox: 


$ firefox http://127.0.0.1/dir_files


Open the communication port of the Apache server, then go to another machine on the
same network (Ubuntu in our case) and open the link with the IP of the server machine:


$ sudo ufw allow 80/tcp

In Client machine 

$ links http://192.168.0.102 

2- Using Python without basic authentication 
The first example 

In server 

With python3:

kalikal@kali:~/Directory$ python3 -m http.server
Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ...


By default the server listens on port 8000 on address 0.0.0.0, that is, for everyone,
and serves the “Directory” folder to the web browser.


$ sudo ufw allow 8000 
In client 


$ links http://192.168.0.102:8000 


To run as Common Gateway Interface (CGI is a standard way of running programs 
from a web server) server, go back to the server and type: 


$ python3 -m http.server --cgi 8000 

To share files in a specific directory “Downloads”, type: 
$ python3 -m http.server -d Downloads 

Second example 

In server 

$ python3 -m http.server 8080 --bind 127.0.0.1 


Binding to the local address 127.0.0.1 means access is local only, so we cannot
reach it from another machine on the same network. To make that work, type:


$ python3 -m http.server 8080 --bind 0.0.0.0 

Where the binding is for everyone: 0.0.0.0 

Or with binding to our private server IP: 192.168.0.102: 

$ python3 -m http.server 8080 --bind 192.168.0.102 

And then open port 8080 to communicate with the server,
$ sudo ufw allow 8080 


And from client side, type: 


$ links http://192.168.0.102:8080

Example for python 2.7
In server 


$ python -m SimpleHTTPServer 
Serving HTTP on 0.0.0.0 port 8000 ... 


$ sudo python -m SimpleHTTPServer 443 
Serving HTTP on 0.0.0.0 port 443 ... 


For this example and the next section we use python 2.7 (it works despite being
deprecated, but be aware of the security implications).


3- Using python with basic authentication 


We do this with python 2.7 instead of python 3 because python 3 causes errors when
running it, and we also need to configure secure authentication for the python web server.


In server 

In the following example we will share a home directory “/home/kalikal”, 
$ sudo apt install python-pip ; To install pip. 

$ pip install SimpleHTTPAuthServer 

$ python -m SimpleHTTPAuthServer -h ; For help. 


$ openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout /home/kalikal/.ssh/key.pem -out /home/kalikal/.ssh/cert.pem


$ sudo python -m SimpleHTTPAuthServer --dir /home/kalikal --https 443 your_username:your_password


Serving HTTP on 0.0.0.0 port 443 ... 
Or to connect via port 8080, type: 


$ python -m SimpleHTTPAuthServer --dir /home/kalikal --https 8080 your_username:your_password


Serving HTTP on 0.0.0.0 port 8080 ... 
$ sudo ufw allow 443 

Or: 

$ sudo ufw allow 8080

In client
For port 443, type: 


$ links https://192.168.0.102 
Otherwise for 8080, type: 


$ links https://192.168.0.102:8080 


Click “Yes” after seeing an “Invalid certificate” warning, or in the Firefox browser
select: Advanced > Accept the Risk and Continue.


Now taking the second example (with --https 8080), if you want to share the home
directory for everyone over Internet, I will provide you with two solutions:


a. With a static public IP address if you have one, 


Go to your router admin page (http://192.168.0.1) and log in (maybe with Username: admin,
Password: admin). After that, edit the virtual servers under “Forwarding” as follows:


=> A service port (as an external port): 8080
=> An internal port : 8080
=> The IP address : 192.168.0.102
=> Protocol : TCP
=> Status : Enabled
And save the configuration.


Here we've NATed the server (192.168.0.102), i.e. we’ve made it possible for traffic
from the outside to reach the private address of our server. This uses the external port
8080 of our router and the router's public address, assumed to be x.y.w.z, together with
the local/private IP 192.168.0.102 and its internal port 8080.


Now from client side, type: 
$ links https://x.y.w.z:8080 
b. With Ngrok (forwarding without router),


To get the application: https://ngrok.com/download 


After signing up to use TCP tunnels in server, type:
$ ./ngrok tcp 8080


Forwarding tcp://4.tcp.ngrok.io:15854 -> localhost:8080


Now from client side, type: 


$ links https://4.tcp.ngrok.io:15854/ 


Actually, these two methods are among the many that are commonly used for forwarding and
for making your local servers, such as a Web server, SSH server, RDP server and Mail
server, reachable over the WAN (Internet).


4.2.18 Database 
$ sudo service mysql start ; Start the server MYSQL.


$ sudo mysql -u root ; Or just sudo mysql.
Or: 

$ sudo mariadb 

MariaDB [(none)]> help 


MariaDB [(none)]> tee my_history.txt ; Using outfile “my_history.txt” to save actions history in it.


MariaDB [(none)]> status ; Get status information from the server. 
MariaDB [(none)]> show databases; 

MariaDB [(none)]> use mysql 

MariaDB [mysql]> show tables; 

MariaDB [mysql]> show processlist; 

MariaDB [mysql]> show columns from user; 

MariaDB [mysql]> select * from user; 

To open a database source file as “file_name.sql”, type: 


MariaDB [(none)]> source /home/kalikal/my_database.sql ; Execute an SQL script file. It takes a file name as an argument.

MariaDB [(none)]> \q ; Or exit.

Create the database

$ sudo service mysql start

$ sudo mysql -u root

MariaDB [(none)]> create database my_database; 
MariaDB [(none)]> show databases; 

MariaDB [(none)]> use my_database


MariaDB [my_database]> create table my_table(name varchar(35),username varchar(25),birthday date,id int(5));


MariaDB [my_database]> show tables;


MariaDB [my_database]> insert into my_table(id,name,username,birthday) values(1,'tester','tester_user','1987-05-18');


To display results without duplicate rows, type:

MariaDB [my_database]> select DISTINCT * from my_table;

To delete the first row of the table, type:

MariaDB [my_database]> delete from my_table limit 1; 

To delete all rows from table, type: 

MariaDB [my_database]> delete from my_table; 

To delete a table “my_table”, type: 

MariaDB [my_database]> DROP TABLE my_table; 

To delete a database “my_database”, type:

MariaDB [my_database]> DROP DATABASE my_database; 
MariaDB [(none)]> \q 

To grant access for user 'kalikal'@'localhost' (create a user for the database),

$ sudo mysql -u root


First method:

MariaDB [(none)]> use mysql

MariaDB [mysql]> CREATE USER 'kalikal'@'localhost' IDENTIFIED BY 'Password!3#21';
MariaDB [mysql]> \q

$ mysql -u kalikal -p 

Enter password: 

Second method: 


MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO 'kalikal'@'localhost' IDENTIFIED BY 'Password!3#21';

MariaDB [(none)]> \q
$ mysql -u kalikal -p 


4.2.19 Cryptography and hiding 
Encoding 


Encoding, in short, is the process of converting information from one form to another. Decoding (returning the information to its original form) is possible for everyone.


Base64 encode:


$ echo "information" | base64
aW5mb3JtYXRpb24K


Base64 decode:


$ echo "aW5mb3JtYXRpb24K" | base64 -d
information


Encryption 


Encryption, in short, is the process of converting information to an unrecognizable form.


1. ccrypt ; Secure encryption and decryption of files and streams. It uses the Rijndael cipher, which is the original name of the Advanced Encryption Standard (AES). You can find the package for installing it in the Kali Linux packages or on the website: http://ccrypt.sourceforge.net/.

$ ccrypt -V ; App version.
ccrypt 1.11.


$ ccencrypt file ; Encrypt a file. 
$ ccdecrypt file ; Decrypt it. 


$ ccencrypt -r directory/ ; Encrypt all files recursively through directories. 
$ ccdecrypt -r directory/ ; Decrypt them. 


2. Encrypt a File with openssl 

To encrypt the file “file3.c” to “file3.c.enc”, type:

$ openssl enc -aes-256-ctr -salt -e -pbkdf2 -in file3.c -out file3.c.enc

enc: Symmetric cipher routines allow data to be encrypted or decrypted.
-aes-256-ctr: Use AES-256 in CTR mode (to find the list: $ openssl enc -list).
-e: Encrypt.
-pbkdf2: Use the PBKDF2 algorithm with the default iteration count for key derivation.
-salt: Use a salt (randomly generated, or provided with the -S option) when encrypting; this is the default.


To decrypt the file “file3.c.enc” and write it to a new file “file3-0.c”, type:

$ openssl enc -aes-256-ctr -d -pbkdf2 -in file3.c.enc -out file3-0.c

-d: Decrypt 

To encrypt the string, type: 

$ echo -n "Secret-Words" | openssl enc -e -aes-256-ctr -a -salt -pbkdf2 

-a: Base64 encode/decode, depending on encryption flag. 

To decrypt the encrypted string, type: 


$ echo "U2FsdGVkX1/hy4ql3ZasSwakY8WOOv7XypH1Tj0OS+5Y=" | openssl enc -aes-256-ctr -a -d -pbkdf2


You can supply the password on the command line by adding the flag -pass pass:your_password or -pass file:pass_file (if the password is in a file) to the commands listed above for encryption/decryption.
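The commands above give confidentiality only: CTR mode has no integrity check, so a modified “file3.c.enc” still decrypts without any error. The following added example (not from the book; the function names, the passphrase and the separate MAC key are constructed for the demonstration) shows this and one way to detect it with an HMAC over the encrypted file:

```shell
#!/usr/bin/env bash
# Added example: `openssl enc -aes-256-ctr` hides content but does not detect
# modification, so an HMAC over the encrypted file is verified before decrypting.
# PASS and MAC_KEY are constructed sample secrets; function names are hypothetical.
PASS='constructed-demo-passphrase'
MAC_KEY='constructed-demo-mac-key'

# Same command lines as in the text, with the password supplied through -pass.
encrypt_file() {   # encrypt_file <plaintext> <ciphertext>
    openssl enc -aes-256-ctr -salt -e -pbkdf2 -in "$1" -out "$2" -pass "pass:$PASS"
}

decrypt_file() {   # decrypt_file <ciphertext> <plaintext>
    openssl enc -aes-256-ctr -d -pbkdf2 -in "$1" -out "$2" -pass "pass:$PASS"
}

# HMAC-SHA256 of a file as hex (the last field of openssl's output line).
mac_file() {       # mac_file <file>
    openssl dgst -sha256 -hmac "$MAC_KEY" < "$1" | awk '{print $NF}'
}

# Encrypt, then store the tag beside the encrypted file.
seal_file() {      # seal_file <plaintext> <ciphertext>
    encrypt_file "$1" "$2" && mac_file "$2" > "$2.hmac"
}

# Verify the tag first; refuse (return 1) if the encrypted file has changed.
open_file() {      # open_file <ciphertext> <plaintext>
    if [ "$(mac_file "$1")" != "$(cat "$1.hmac")" ]; then
        echo "integrity check failed: $1" >&2
        return 1
    fi
    decrypt_file "$1" "$2"
}

# XOR one byte of a file with 0x01 to simulate corruption or tampering in storage.
flip_byte() {      # flip_byte <file> <offset>
    local old new
    old=$(od -An -tu1 -j "$2" -N 1 "$1" | tr -d ' \n')
    new=$(( old ^ 1 ))
    printf "$(printf '\\%03o' "$new")" | dd of="$1" bs=1 seek="$2" conv=notrunc 2>/dev/null
}

demo() {
    local d
    d=$(mktemp -d)
    printf 'transfer 100 to alice\n' > "$d/plain.txt"    # constructed sample input
    seal_file "$d/plain.txt" "$d/plain.enc"
    # Layout of the output file: "Salted__" (8 bytes) + salt (8 bytes) + ciphertext.
    flip_byte "$d/plain.enc" 16                          # first ciphertext byte
    if decrypt_file "$d/plain.enc" "$d/unchecked.txt"; then
        echo "plain decrypt: exit 0, result: $(cat "$d/unchecked.txt")"
    fi
    if ! open_file "$d/plain.enc" "$d/checked.txt"; then
        echo "open_file refused the modified file"
    fi
    rm -rf "$d"
}

demo
```

In practice the MAC key must be independent of the encryption passphrase and stored as carefully as it is.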
3. Encryption of drive/partition

cryptsetup ; Manage plain dm-crypt and LUKS encrypted volumes.

We will use the cryptsetup package (to install it, type: sudo apt install cryptsetup) to encrypt our flash drive:


$ sudo lsblk -o +name,mountpoint,uuid ; To see detailed information about the partitions.
$ sudo cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb1 ; This will overwrite the data on “/dev/sdb1” irrevocably and ask you to choose the passphrase.


YES ; Write “yes” in capital and hit Enter. 


$ sudo cryptsetup luksOpen /dev/sdb1 sdb1 

$ sudo fdisk -l 

$ sudo mkfs.ext4 /dev/mapper/sdb1 -L "MyData" ; -L Volume-label (gives a name to the 
flash drive). Waiting for a while. 

$ sudo tune2fs -m 0 /dev/mapper/sdb1 ; tune2fs allows the system administrator to adjust 
various tunable filesystem parameters on Linux ext2, ext3, or ext4 filesystems. -m 
reserved-blocks-percentage (Setting reserved blocks percentage to 0% (0 blocks)). 

$ sudo mkdir /mnt/encrypted_flashdrive 

$ sudo mount /dev/mapper/sdb1 /mnt/encrypted_flashdrive 

$ sudo touch /mnt/encrypted_flashdrive/test.txt ; Create a file for testing.

$ sudo chown -R `whoami`:users /mnt/encrypted_flashdrive ; Change the owner to the current user (kalikal) and the group to users.

$ sudo umount /dev/mapper/sdb1 

$ sudo cryptsetup luksClose sdb1 


Opening our new encrypted flash drive in the terminal:

$ lsblk ; To see information about the partitions.
To open the flash drive, type: 


$ sudo cryptsetup luksOpen /dev/sdb1 sdb1 
$ sudo mount /dev/mapper/sdb1 /mnt/encrypted_flashdrive 


To close the flash drive, type: 


$ sudo umount /dev/mapper/sdb1 
$ sudo cryptsetup luksClose sdb1 


You can open the flash drive from GUI mode when you plug it into the system.

Encryption of grub


Protecting grub with a password at the start of the Kali/Ubuntu Linux system is very important, especially if your Linux disk is not encrypted. It prevents the root password from being changed at startup.


$ sudo cp /boot/grub/grub.cfg /boot/grub/grub.cfg.back 
$ cd /etc/grub.d 
$ grub-mkpasswd-pbkdf2 ; Create a password and PBKDF2 hash of the password. 


Copy and paste the following at the end of the file “10_linux”:


$ sudo nano 10_linux

cat<<EOF
set superusers="root"
password_pbkdf2 root grub.pbkdf2.sha512.10000.9CA4611006FE96BC77A...
EOF


Save and close the file.
(sudo update-grub ; If you have a problem generating the grub configuration file.)


$ sudo grub-mkconfig -o /boot/grub/grub.cfg
$ sudo reboot ; During the reboot you will be asked to type your username root and password.

Decrypt the grub


Mount with Live CD/DVD (Kali Linux or Ubuntu) to System partition “/dev/sda6” for 
example. When the Linux System is loaded, type in the terminal: 


$ sudo mount /dev/sda6 /mnt/ 
$ cd /mnt 


Then type the following line command: 


$ for i in /sys /proc /run /dev; do sudo mount --bind "$i" "/mnt$i"; 
> done 
$ sudo nano /etc/grub.d/10_linux 


Remove the four lines added at the end (shown above in “Encryption of grub”) and save the file,


$ sudo update-grub
$ sudo grub-install /dev/sda ; Installing for i386-pc platform.
$ sudo update-grub
$ reboot


Decrypt a drive 


Decrypt a drive with filesystem type LVM2 (Logical Volume Management). The example taken here is the case where your Linux disk is encrypted and you want to read it externally through a drive reader.


$ lsblk


$ sudo cryptsetup luksOpen /dev/sda3 sda3 
Enter passphrase for /dev/sda3: 


$ sudo mount /dev/mapper/sda3 /mnt 
mount: /mnt: unknown filesystem type 'LVM2_member'. 


$ sudo apt install lvm2 
$ sudo lvmdiskscan 

$ sudo lvscan 

$ lsblk


(sudo vgchange -ay ; It activates the volume group and all associated physical and logical volumes.


sudo lvscan)

$ sudo mount /dev/kali-vg/root /mnt

$ cd /mnt

$ ls

Steganography/Hiding 

$ cp file3 file3_to_Hide 

1- Using steghide command 

steghide ; A steganography program

To embed file3_to_Hide in image.jpg, type:


$ steghide embed -cf image.jpg -ef file3_to_Hide
Enter passphrase:

$ steghide info image.jpg ; To get information about “image.jpg” and about the embedded data.


To get info about the image also, we use the tool exiftool, 
$ exiftool image.jpg 

To extract data 

$ steghide extract -sf image.jpg ; Extract the data “file3_to_Hide”.


$ steghide extract -sf image.jpg -xf file3_to_Hide02 ; Extract the data into the selected file name “file3_to_Hide02”.


2- Using cat command 
$ cat image.jpg file3_to_Hide > image02.jpg 
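An image viewer stops reading “image02.jpg” at the JPEG End-Of-Image marker, so the appended file stays out of sight but remains in the file. The following added example (not from the book; the function names are hypothetical and the sample image is a constructed stub, not a viewable picture) walks the JPEG segments and reports any bytes stored after that marker:

```shell
#!/usr/bin/env bash
# Added example: find data appended after a JPEG's End-Of-Image marker (FF D9),
# which is where `cat image.jpg file3_to_Hide > image02.jpg` places the file.

# Print the number of bytes after EOI, or -1 if the file is not a parsable JPEG.
jpeg_trailing_bytes() {   # jpeg_trailing_bytes <file>
    od -An -v -tu1 "$1" | awk '
        { for (k = 1; k <= NF; k++) b[n++] = $k }      # b[0..n-1] = file bytes
        END {
            if (n < 4 || b[0] != 255 || b[1] != 216) { print -1; exit }  # no SOI (FF D8)
            i = 2
            while (i + 1 < n) {
                if (b[i] != 255) { i++; continue }     # entropy-coded data byte
                m = b[i + 1]
                if (m == 217) { print n - (i + 2); exit }                # EOI (FF D9)
                if (m == 255) { i++; continue }        # fill byte before a marker
                # stuffed FF 00, TEM and RSTn markers carry no length field
                if (m == 0 || m == 1 || (m >= 208 && m <= 215)) { i += 2; continue }
                if (i + 3 >= n) break                  # truncated segment header
                # skip marker + length-prefixed segment (covers EXIF thumbnails too)
                i += 2 + b[i + 2] * 256 + b[i + 3]
            }
            print -1                                   # no EOI found
        }'
}

# Write the bytes stored after EOI to standard output for inspection.
jpeg_trailing_data() {    # jpeg_trailing_data <file>
    local extra
    extra=$(jpeg_trailing_bytes "$1")
    if [ "$extra" -gt 0 ]; then tail -c "$extra" "$1"; fi
}

# List every *.jpg / *.jpeg under a directory that carries trailing data.
scan_jpegs() {            # scan_jpegs <dir>
    find "$1" -type f \( -iname '*.jpg' -o -iname '*.jpeg' \) | while IFS= read -r f; do
        extra=$(jpeg_trailing_bytes "$f")
        if [ "$extra" -gt 0 ]; then
            printf '%s\t%s bytes after EOI\n' "$f" "$extra"
        fi
    done
    return 0
}

# Constructed 18-byte stub with JPEG structure: SOI, an APP0 segment whose
# payload itself contains FF D9, an SOS header, scan data with a stuffed FF 00, EOI.
make_stub_jpeg() {        # make_stub_jpeg <file>
    printf '\377\330\377\340\000\004\377\331\377\332\000\002\101\377\000\102\377\331' > "$1"
}

demo() {
    local d
    d=$(mktemp -d)
    make_stub_jpeg "$d/image.jpg"
    printf 'hidden\n' > "$d/file3_to_Hide"             # constructed sample payload
    cat "$d/image.jpg" "$d/file3_to_Hide" > "$d/image02.jpg"
    scan_jpegs "$d"
    rm -rf "$d"
}

demo
```

Some cameras legitimately store extra data after the marker, so a non-zero count is a reason to inspect the file with jpeg_trailing_data, not proof of hiding.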
Hashing 


A hash is a kind of fingerprint of the file. Any small modification produces a different hash, so the modified file is treated as another file. It is used for security reasons.


Generate a hash for a file


$ hashdeep file3.c ; Computes the two hashes (MD5, SHA-256) by default. Add the flag -c to choose which ones you want to run (md5,sha1,sha256,tiger,whirlpool).


120,e5c856dd0970f589f22ee30b0cc59c1c,2a08c54e01f957bd971e4561923cf1fc82071f9ce34eefce27cb20d5519fefe0,/home/kalikal/file3.c


The Output:

120 : is the size of the file in bytes.
e5c856dd0970f589f22ee30b0cc59c1c : MD5
2a08c54e01f957bd971e4561923cf1fc82071f9ce34eefce27cb20d5519fefed : SHA-256
We can also use other commands such as: 

$ md5sum file3.c 

$ sha256sum file3.c 

$ sha512sum file3.c

Identification of the hash

hashid ; Identify the different types of hashes used to encrypt data.
$ hashid -m 'put_your_hash'

Reset / Reinitialize Linux root password 


1- During booting, select “Advanced options for GNU/Linux” > press e (for edit) > find the line starting with “linux”, then look for “ro” (“read-only” mode) and change it into “rw” (“read-write” mode) > add init=/bin/bash at the end of the same line > press F10.


After getting a shell screen, type: 


root@(none):/# mount -n -o remount,rw / ; To mount the root filesystem in read-write mode.


root@(none):/# passwd root ; To reset the lost root password.


root@(none):/# passwd username ; To change the password of the superuser, as an example.


root@(none):/# exec /sbin/init ; To exit the shell and reboot the computer.

2- Using Live CD/DVD/USB

This method avoids the grub encryption at system boot.


Boot your system from your bootable live DVD (e.g. Kali Linux, Ubuntu), choose to use live and not install, then use root privileges.


Find the requested disk partition with: 

# fdisk -l 

Or: 

# lsblk

In our case, it is “/dev/sda1”.

Mount the disk partition of the system with:

# mkdir /mnt/retrieve


# mount /dev/sda1 /mnt/retrieve

Our jail directory is “/mnt/retrieve”, and to be on the regular Linux filesystem, type:

# chroot /mnt/retrieve

Now, to reset your root password type: 

# passwd root 

Or your username password such as in my case, the superuser “kalikal” with: 

# passwd kalikal 

Then exit from the chroot shell with: 

# exit 

Unmount the root partition with: 

# umount /mnt/retrieve 


Once you have finished securely resetting your root password, eject the live DVD with:


# eject 

And reboot your system with: 

# reboot 

Crack Linux password 

$ sudo unshadow /etc/passwd /etc/shadow > /tmp/linux_mdp.txt 
Created directory: /root/.john 

(Usage: unshadow PASSWORD-FILE SHADOW-FILE) 

$ john /tmp/linux_mdp.txt 


For Linux, one of the most secure methods to prevent tampering with your root password is to encrypt the whole disk during the installation.


Reset/Reinitialize Windows password 
After loading Linux via Live CD/DVD, type: 

$ cd ../Windows/System32/config 

$ chntpw -i SAM

4.2.20 Installation

wget ; The non-interactive network downloader.


apt-get ; The command-line tool for handling packages; it may be considered the user's "back-end" to other tools using the APT library.


apt ; Provides a high-level command-line interface for the package management system.


The apt command is a kind of newer version of apt-get, and is also considered a subset of the apt-get and apt-cache commands. They have almost the same functionalities. apt is recommended over apt-get for a regular user. However, apt-get is not deprecated and still offers many more functionalities than apt, such as low-level operations.


To get packages securely from the Kali network repositories, change the link of the mirror (http://http.kali.org/kali) inside the file “sources.list” from http to https, like the following:


$ sudo nano /etc/apt/sources.list

deb https://http.kali.org/kali kali-rolling main non-free contrib 

Save the file. 

Or with: 

$ sudo apt edit-sources 

$ apt list ; List packages based on package names. 

$ sudo apt satisfy strings ; Or: sudo apt-get satisfy strings. Satisfy dependency strings. 


apt-cdrom ; It is used to add CD-ROMs, USB flash drives and other removable media types as package sources to APT. The most used commands are add, to add a CD-ROM, and ident, to report the identity of a CD-ROM.


$ apt-cdrom add 

Using CD-ROM mount point /media/cdrom/ 
Unmounting CD-ROM... 

Waiting for disc... 

Please insert a Disc in the drive and press [Enter]

Searching for a specific package:

$ apt search package_name ; Or: apt-cache search package_name.

Showing the package details (for example, package_name: speedtest-cli):

$ apt show speedtest-cli ; Or: apt-cache show speedtest-cli.

Install a specific package: 

$ sudo apt install package_name ; Or: sudo apt-get install package_name. 
To reinstall it, type: 

$ sudo apt reinstall speedtest-cli ; Or: sudo apt-get reinstall speedtest-cli. 
Remove a specific package: 

$ sudo apt remove package_name ; Or: sudo apt-get remove package_name. 
Remove Automatically: 


$ sudo apt autoremove ; Or: sudo apt-get autoremove. It automatically removes all undesired (unused) packages.


Remove a specific package with configuration: 
$ sudo apt purge package_name ; Or: sudo apt-get purge package_name. 


When you want to install a package (or search for or reinstall one), it is better to run sudo apt update first, so that you refresh your repositories and get a recent version of the package. You don’t need to upgrade the system for this,


$ sudo apt update 
$ sudo apt install package_name 


Update and upgrade the system: 


$ sudo apt update ; Or: sudo apt-get update. It only refreshes the repository index. It 
updates the list of available packages and their versions from the sources defined in 
System repositories “/etc/apt/sources.list” or “/etc/apt/sources.list.d/”, but it does not 
install or upgrade any packages. 


To see the upgradable packages, type: 


$ apt list --upgradable

$ sudo apt upgrade ; Or: sudo apt-get upgrade. It upgrades all upgradable packages.

Or together:


$ sudo apt update && sudo apt upgrade ; Or: sudo apt-get update && sudo apt-get upgrade.

Adding the flag -y to the command answers yes to the system automatically, so the upgrade continues without prompting.


Difference between “apt-get upgrade” and “apt-get dist-upgrade” 


apt-get upgrade only upgrades packages to the releases available in the repositories. It does not remove packages, whereas apt-get dist-upgrade is a smart command that installs or removes packages as needed in order to complete the upgrade.


Upgrade to a new version of Ubuntu or Debian-based Linux distribution 
To do that, type the following four commands: 


$ sudo apt-get update ; Or: sudo apt update. 

$ sudo apt-get upgrade ; Or: sudo apt upgrade.

$ sudo apt-get dist-upgrade ; Or: sudo apt dist-upgrade or sudo apt full-upgrade. 
$ sudo do-release-upgrade 


dpkg ; A tool to install, build, remove and manage Debian packages.

To check if the package cifs-utils is installed or not, type:

$ dpkg -l | grep cifs-utils

To install a package, type: 

$ dpkg -i package_name.deb 

To install all packages in the directory: 

$ dpkg -i *.deb 

Simple installation 


$ ./configure
$ make
$ make install


Debian-based Linux distribution problems 


1- Some commands to help us fix some system problems,

$ sudo apt update

$ sudo apt upgrade

$ sudo apt update --fix-missing

$ sudo apt install -f

$ sudo apt clean

$ sudo apt autoclean

$ sudo apt-get update && sudo apt-get install -y linux-headers-$(uname -r)

$ sudo dpkg --configure -a ; To correct the problem if dpkg has been interrupted.

fsck ; Check and repair a Linux filesystem.

$ fsck

2- Troubleshooting and issues 


1. In case you cannot run your Kali Linux as the root user, for example because your password does not work: perhaps your root partition is mounted read-only, so change it to read-write and change the password using the following commands:


$ sudo mount -o remount,rw /
$ sudo passwd root

2. Repair the boot loader in Kali/Ubuntu Linux after a Windows installation,


$ fdisk -l 

$ sudo mount /dev/sda6 /mnt ; Instead of sda6 partition, write your own partition. 
$ sudo mount --bind /dev /mnt/dev 

$ sudo mount --bind /dev/pts /mnt/dev/pts 
$ sudo mount --bind /proc /mnt/proc 

$ sudo mount --bind /sys /mnt/sys 

$ sudo chroot /mnt 

$ sudo grub-install /dev/sda 

$ exit 

$ sudo umount /mnt/dev/pts 

$ sudo umount /mnt/dev 

$ sudo umount /mnt/proc 

$ sudo umount /mnt/sys 

$ sudo umount /mnt

$ exit

Otherwise, if you don’t see Windows in grub, also type:


$ sudo os-prober 
$ sudo update-grub 


3. Make an external Cam the default Cam

$ sudo mv /dev/video0 /dev/video0.original

$ sudo ln -s /dev/video2 /dev/video0

4. To enable password-less root privilege escalation, type: 

$ sudo dpkg-reconfigure kali-grant-root 

To activate it, simply reboot the system (one solution among others).


5. To enable the installation of multiarch binaries, apt and dpkg need changes in their configuration, so if you have an amd64 system, for example, and you want to install i386 libraries onto it, type:


$ sudo dpkg --add-architecture i386 

$ sudo apt-get update ; To refresh the list of arch i386. 

$ sudo apt-get install package_name ; Install the desired package in arch i386. 
To remove i386, type:

$ sudo dpkg --remove-architecture i386 

6. To configure a keyboard 

$ sudo dpkg-reconfigure keyboard-configuration 

Keyboard configuration file: 

$ sudo nano /etc/default/keyboard 

7. Change image of grub background 

$ sudo cp /home/kalikal/image.png /boot/grub ; Copy an image file into /boot/grub.
$ sudo update-grub

You will find the picture files in the “/boot/grub/themes/kali” directory; you can change them to get exactly what you want.


4.2.21 Short documentation 
The cheat sheet 


For a quick short documentation: 


$ curl cheat.sh


4.2.22 Linux Shortcuts 


Ctrl + l ; Clear the screen by moving the position of the output.
reset ; Re-initialize the terminal. 


Ctrl +r ; To search in command history for previous commands, beginning with the last 
one matching the characters you provide. 


Ctrl +c ; End the command in execution. 

Ctrl + z ; Stop/pause the job or the command in execution. 

bg ; To resume the stopped command in the background. 

fg ; To raise and resume the stopped command to the foreground. 


Ctrl + \ ; With sending SIGQUIT signal, it forcefully kills the current process/job in the 
foreground. 


Ctrl +d ; Logging out of the current session/terminal. 


!! ; Show the last command (or the last thing you have written in the terminal) and execute it.


Ctrl + p ; Show the previous commands, even if you wrote and executed a wrong command (output: command not found).


Ctrl + w ; Delete one word to the left of the cursor on the current line (the character under the cursor is kept).


Ctrl + k ; Delete the part of the current line to the right of the cursor.

Ctrl + u ; Delete the part of the current line to the left of the cursor.


Ctrl + a ; Point the cursor to the beginning of the line. 

Ctrl + e ; Point the cursor to the end of the line.

Ctrl + Shift + c ; Copy a selected line.

Ctrl + Shift + v ; Paste a copied line.

Ctrl + ← / → ; (In CLI) Move one word backward/forward.

Ctrl + Shift + ↑ / ↓ ; Navigate up/down in the current terminal.

Start/Win (Windows button) ; Type to search for software/applications.


Start + d or Ctrl + Alt + d ; Display (cleared from any things as launched apps) and hide 
the desktop. 


Ctrl + Shift +n ; Open a new terminal. 

Ctrl + Shift + t ; Open a new tab in the terminal. 

Ctrl + Shift + w ; Close the current tab or the terminal. 

Ctrl + Alt + ↑ / ↓ ; Change the Workspace.

Alt + F2 ; Open run command dialog. Type for example: gnome-terminal. 
Alt + F5 ; Minimize the full screen which comes from “Alt + F10”. 

Alt + F10 ; Full screen of the terminal (or minimize), containing menu bar. 
Alt + F11 ; Full screen/Minimize of the terminal (or back to last size screen). 
F11 ; Full screen/Minimize of the terminal(or back to last size screen). 

Alt + F6 ; Select the terminal window. Other example: Firefox browser windows.
Alt + F4 ; Close current window. 

Alt + F1 ; Open application menu. 


Start + ← / →, ↑ / ↓ ; Change the position and size of a window such as the terminal/gedit (Text Editor)/LibreOffice document.

Ctrl + Shift + “+” ; Zoom in (+).

Ctrl + “-” ; Zoom out (-).

exit ; Close the current session or the terminal. 

Alt + Tab ; To change the window. 

Ctrl + Alt + F1-7 ; To switch for ttys sessions “tty1-7”. 
Example of the use: 


Ctrl + Alt + F2 ; Where our current Kali Linux desktop is located (no change, because It 
is logged in on tty2, specific for this shortcut keys). It is used to switch back/return to 
the current desktop. 


Ctrl + Alt + F1 ; Open the Kali Linux Login desktop (GUI). If you log in with the same 
User, you will be in the same last session (which is logged in on tty2; Ctrl + Alt + F2). 
The current desktop session will be saved, even if you have logged into another user 
(logged in on tty4 in our case) and you can return with “Ctrl + Alt + F2”. 


Ctrl + Alt + F3 (F5,F6) ; To Log in into the terminal of tty3 (tty5, tty6) session 


Ctrl + Alt + F7 ; To get, probably, a desktop user logged in from the “Ctrl + Alt + F1” action (it is logged in on tty7).


Ctrl + Alt + delete ; To power off the system in 60 seconds. Other options are available: Power off/restart/cancel.


Start + l ; Lock the Linux system.

4.3 Useful Software


#   Software                                          Types           Purposes
1   Knoppix                                           OS              System Reparation
2   All in One - System Rescue Toolkit (AiO-SRT)      OS              System Reparation
3   UBCD                                              OS              System Reparation
4   Hiren’s                                           OS              System Reparation
5   Caine                                             OS              Investigation
6   Tails                                             OS              Anonymity
7   Avira Antivirus                                   App             Viruses Scanning
8   Zoneminder                                        Web-based App   Surveillance by CCTV or security cameras
9   Dovecot IMAP Server                               App             Installing IMAP and POP3 email servers on Linux/UNIX-like systems
10  yEd                                               GUI app         General-purpose diagramming

Chapter 5


Networks 


“Find out where your connection node in the network is
and make sure you connect securely”

5. Networks


5.1 Network concepts 


A network is a combination of multiple devices (such as computers and smartphones) that communicate with one another via physical infrastructure (such as cables and wireless towers).


Types of Network 


We can classify different types of network according to area distancing, private, area 
interconnecting, transmission media and topology. 


1. Area distancing 


LAN Local Area Network, allows the connection of a small number of systems in a narrow geographical area. For example, the home network.


WLAN Wireless Local Area Network, is similar to a LAN but provides a wireless connection, such as Wi-Fi at home.


VLAN Virtual Local Area Network, is built for security and performance reasons such 
as network segmentation and reduction of traffic access time. 


WAN Wide Area Network, allows more than one LAN to be interconnected over a large geographic area.


MAN Metropolitan Area Network, covers an area between LAN and WAN, i.e. larger than a LAN and smaller than a WAN. It is hard to design and maintain, but it delivers high-speed connectivity.


SAN Storage Area Network, is a method to provide users with shared access to storage with high performance and low latency. It is used to physically separate the storage function of the network from the data-processing function. It is worth mentioning here NAS (Network Attached Storage), which is a dedicated computer connected to a network to store and provide data to other devices on the network. For example, a Synology device.


PAN Personal Area Network, is a network that interconnects networking devices around a person. Examples of a personal connection are a connection between two computers, and one between a Bluetooth earpiece and a smartphone/computer. PANs also provide connections among laptops, tablets, printers, keyboards, wireless mice, cameras, etc.


BAN Body Area Network (or wireless BAN), is a wireless network of wireless devices that are small and of low power, which can be carried (such as in clothes pockets) or embedded inside the body (as implants) or on it. One of the main applications for BAN is health and wellness monitoring of the person.


Nanonetwork (or nanoscale network) is a network that interconnects a set of nanodevices that are used for computing, data storing, sensing, etc. Nanonetworks are applied in biomedical, military and other fields.


2. Private 


EPN Enterprise Private Network, is a secure network used by a company to interconnect its separate offices and sites.


VPN Virtual Private Network, provides a virtual private and secure channel for communications between two points (client and server). The server acts as an intermediary remote server to reroute your traffic between networks. You may use it to hide your public IP address by getting another public IP address from the other side (the node, the server), and you may use it only for that or, in addition, to reach the LAN.


> VPN works on the operating system level.

> Protects your whole network's traffic.

> Preventing ISP tracking.

> Two basic types of VPN: Remote access VPN, Site-to-Site VPN (also known as Router-to-Router VPN): Intranet VPN, Extranet VPN.

> Types of VPN protocols: IPSec (Internet Protocol Security), L2TP (Layer 2 Tunneling Protocol), PPTP (Point-to-Point Tunneling Protocol), SSL (Secure Sockets Layer) and TLS (Transport Layer Security), OpenVPN (an open source VPN that is useful for creating Point-to-Point and Site-to-Site connections), SSH (Secure Shell).


Proxy Network 


The proxy provides a channel of communication, which is not necessarily secure, between two points (client and server), passing the traffic between networks or protocols and thereby playing the role of an intermediary server. It is useful for hiding your original public IP address.


> Proxy only works on the application level.
> Protects only a certain application, such as your browser.


> Three main types of proxy servers: HTTP Proxies, SOCKS Proxies, Transparent proxies.


3. Area interconnecting 


p2p Peer to Peer Network, is a system that maintains access via the internet from one computer to another without a server; in other words, each computer becomes a file server as well as a client.


Intranet Internal Network, operates in a large enterprise or in a government establishment. It uses internet technologies but is isolated from the global internet. The connection is implemented to be used only by internal persons and for internal purposes.


Extranet External Network, is similar to an Intranet, with permission for some persons from an outside company to connect, and it can perhaps be shared with other organizations.


Internet Global or international networks; it is a network of networks.


Demilitarized Zone (DMZ) Is a logical or physical subnetwork that contains most of the services exposed externally, i.e. it gives an untrustworthy side, such as internet users, a connection to its services.


The main objective of the DMZ is to protect the LAN(s) by providing another layer of security. So if an attacker gains access to one service or host of the DMZ, he/she cannot access the local hosts or the rest of the network.


4. Transmission media


Wire Network covers all types of wiring connections, for example Coaxial cables, Ethernet cables, Fiber optic cable.


Wireless Network is the set of communication technologies such as Wi-Fi, Bluetooth, Infrared, RFID (radio frequency identification).


Mobile Network or cellular network is a voice and data communication network in which the link to and from the end nodes is wireless (Tower-End-user).

Satellite Network is created for Internet, Military affairs, Atmosphere prediction, TV, GPS, etc.


5. Network Topologies 
Network Topologies are either physical or logical. 


> Physical topology is an overview of the network that maps the physical devices and the way they are connected.


> Logical topology is an abstraction of the physical topology in which the connection of the physical equipment is not the primary concern; what matters is the useful information about the network configuration, such as device names and IP addresses.


It is very important to have the network topologies, to facilitate understanding, maintaining, updating and upgrading your network architecture.


We can distinguish between the network topologies: Bus, Hierarchical, Star, Ring, Mesh. In the physical topology of a LAN or Ethernet network, the most commonly used topology is Star, where every node is connected directly to a central hub or switch.


Bus


Figure 39: Bus Topology

Hierarchical (tree)


Figure 40: Tree Topology


Star


Figure 41: Star Topology

Ring


Figure 42: Ring Topology


Mesh (Full Mesh)


Figure 43: Mesh Topology


To follow safer standards, the network can be structured with dedicated cables and devices for one user (company, hospital, etc.) without using the Internet, but this architecture costs a lot. In addition, for the Internet you can request from the provider (ISP) a connection dedicated to one user.

Network operating system (NOS) is actually a software or a combination of programs. These programs give a number of computers and devices the ability to accept service requests across the network and allow another computer to properly use those services. NOSs are often installed on a computer called a server, which shares its disk space, printer access, peripherals, etc. with other computers.


Example of NOS 
> Novell NetWare was introduced as the first network operating system, in 1983. 
> Microsoft Windows Server, UNIX, Linux, BSD, Mac OS X. 

Types of NOS: Peer-to-Peer NOS, Client-Server NOS. 


Real open system (ROS): a real system in which communication with another real 
system is done in accordance with the OSI model. 


Open systems interconnection (OSI) is a model for the interconnection of open 
systems. It divides the protocols used into seven layers, thus defining a common 
language for telecoms and IT. It is now the benchmark for all 
information processing systems. 


Ensuring the interconnection of the networks consists of establishing a dialogue 
between the machines of various origins, which can be moreover connected by 
different models of the network. 


The objective of the OSI model is to give users perfect transparency of 
interconnection, regardless of the various protocols implemented by the 
communication equipment. 


The seven Layers 
Application - Communication with software such as terminal emulation and file. 


Presentation - Syntax management. Process of data encoding, encryption and 
compression. 


Session - Control of the dialog. Establishment and maintenance of sessions 
between applications. 


Transport - Quality of transmission. Establishment, maintenance and 
termination of sessions between terminal devices. 


Network - Selection of the path or the channel. Addressing the interfaces 
globally, packet delivery, including routing. 


Data Link - Preparation for sending in the media. Addressing the interfaces 
locally, MAC method, delivers information locally, framing of units of information, 
error checking. 


Physical - Bits transmission on the physical media. Signal encoding, wiring and 
connectors, physical specifications. 


Data units used in OSI Model 
> SDU: Service Data Unit. 
> PDU: Protocol Data Unit. 
> PCI: Protocol Control Information. 


The general model of a layer of the OSI model 


The following diagram gives the general model of a layer of the OSI model, 
specifying the interface between protocol entities and the means by which information 
is exchanged between entities (N). 


Entities (N) perform layer (N) functions. 


Entity Interface (N) is provided by all the layers of lower index (<N). This interface is 
made available to entities (N) in the form of an interaction service called service (N-1). 


[Diagram labels: Connection (N), (N) SAP, Service (N), Layer (N), Protocol (N), 
Service (N-1), (N-1) SAP, Connection (N-1)] 


SAP: Service Access Point 


Figure 44: General OSI Layer’s Model 
Protocol (N) regulates cooperation between entities (N) to perform the functions of 
layer (N). 

Service (N-1) is offered by entities (N-1) to entities (N) at the SAPs (N-1). 

Connection (N-1) is established by service (N-1) between the SAPs (N-1) of 
a calling entity (N) and those of the called party (whose address, @, is indicated in the 
connection establishment request (N-1)). 


[Diagram labels: Connection (N), Service (N), Layer (N), (N) PDU, (N-1) SDU, 
Service (N-1), Connection (N-1)] 


SDU: Service Data Unit. 
PDU: Protocol Data Unit. 
PCI: Protocol Control Information. 


Figure 45: Vertical data flow 


The service (N-1) ensures the transfer of (N-1) SDUs between the (N-1) SAPs. 
Entities (N) communicate by means of (N) PDUs via (N-1) SDUs. 
Each (N) PDU contains: 

• On the one hand, the (N) PCIs. 

• On the other hand, the user’s data (N), which comes from the (N) SDUs entrusted 
by (N + 1) entities. 


Transfer of (N) PCIs: the (N) PCIs are generated and interpreted by (N) entities and 
perform functions specific to the (N) layer. 


Transfer of (N) PDUs: they are transferred without being interpreted. 


Transmission Control Protocol / Internet Protocol (TCP/IP) 


It is called the TCP/IP suite because of the two most important protocols within the 
model: Transmission Control Protocol (TCP) and Internet Protocol (IP) (routing). 


The main goal of this model is to build the interconnection of networks. TCP/IP shows 
how a specific computer should be connected to the Internet and how data 
transmission can be carried out between computers. The TCP/IP suite is the 
industry-standardized method and it is seen as the engine of the Internet and networks 
worldwide. 


The following figure illustrates the OSI and TCP/IP Models: 


OSI Model & TCP/IP Model 


OSI layer | Description and protocols | TCP/IP layer | Data unit 
7 Application | End user layer: HTTP, FTP, IRC, SSH, DNS | Application | 
6 Presentation | Syntax layer: SSL, SSH, IMAP, FTP, MPEG, JPEG | Application | 
5 Session | Sync and send to port: API’s, Sockets, WinSock | Application | 
4 Transport | End-to-end connections: TCP, UDP | Transport | Segments 
3 Network | Packets | Internet | Packets 
2 Data Link | | Network Access | 
1 Physical | | Network Access | 


Figure 46: OSI & TCP/IP Models 
The difference between the OSI and TCP/IP models is that OSI is a conceptual and 
logical model, i.e. a theoretical model, whereas TCP/IP is used as a practical model to 
build networks. 


In order to understand the process of transmission of information between systems, 
and to make it clear, we always refer to these models. So we ask an initial and 
direct question: at what layer does the exchange take place? 


5.2 IP Address 


Internet Protocol (IP) Address is a unique identifier of an object in a network. 
An IP address allows systems to send and receive information; the object can 
be a computer, a printer, a router, a file server device, a server, a web site, etc. The IP 
address does not change during transmission. An IP address can be used to track the 
physical location of the user’s device. The format of an IP address is numeric (IPv4) or 
alphanumeric (IPv6), depending on the version. 


• IPv4 is a type of logical addressing, deployed in 1981. It coexists with IPv6 and is 
the largest and best-known network addressing for now. 


Example of IPv4: 131.216.144.22. 


We have 4 positions separated by a dot “.”; each position is written as a 
decimal number (base 10) and holds 8 bits (= 1 byte), so the length = 4 x 
8 = 32 bits (4 bytes). 


Number: the number of IPv4 addresses in theory is 2^32, or 4,294,967,296 
(more than 4 billion). 


Configuration: IPv4 supports manual configuration or DHCP. 
Version (4 bits) | Header Length (4 bits) | Type of Service (8 bits) | Total length (16 bits) 
Identification (16 bits) | Flags: 0, DF, MF | Fragment Offset (13 bits) 
Time to Live (8 bits) | Protocol (8 bits) | Header checksum (16 bits) 
Source IP Address (32 bits) 
Destination IP Address (32 bits) 
Options (0 - 40 bytes) 
Data 


Figure 47: IPv4 Header 
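

The field layout of Figure 47, parsed from raw bytes and checked for consistency, as an added example (not code from the book). The function names are chosen here, and the sample header is constructed from two addresses used elsewhere in this chapter.

```python
import ipaddress
import struct

FIXED_LEN = 20                 # bytes in the header before any options
LAYOUT = "!BBHHHBBH4s4s"       # network byte order, fields as in Figure 47


def checksum16(data: bytes) -> int:
    """One's complement of the one's-complement sum of the 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src: str, dst: str, payload_len: int, ttl: int = 64,
                 protocol: int = 6, ident: int = 1, df: bool = True) -> bytes:
    """Construct a 20-byte sample header (no options) with a valid checksum."""
    fields = [(4 << 4) | 5, 0, FIXED_LEN + payload_len, ident,
              0x4000 if df else 0, ttl, protocol, 0,
              ipaddress.IPv4Address(src).packed,
              ipaddress.IPv4Address(dst).packed]
    fields[7] = checksum16(struct.pack(LAYOUT, *fields))
    return struct.pack(LAYOUT, *fields)


def parse_ipv4_header(raw: bytes) -> dict:
    """Decode the header fields and reject headers whose lengths are inconsistent."""
    if len(raw) < FIXED_LEN:
        raise ValueError("truncated: fewer than 20 bytes")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, protocol,
     _checksum, src, dst) = struct.unpack(LAYOUT, raw[:FIXED_LEN])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError("not IPv4: version field is %d" % version)
    header_len = ihl * 4                     # Header Length counts 32-bit words
    if ihl < 5:
        raise ValueError("header length below the 20-byte minimum")
    if header_len > len(raw):
        raise ValueError("header length exceeds the captured data")
    if total_len < header_len:
        raise ValueError("total length smaller than header length")
    return {
        "version": version,
        "header_len": header_len,
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "df": bool(flags_frag & 0x4000),     # Don't Fragment
        "mf": bool(flags_frag & 0x2000),     # More Fragments
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # in bytes
        "ttl": ttl,
        "protocol": protocol,                # 6 = TCP, 17 = UDP, 1 = ICMP
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "options": raw[FIXED_LEN:header_len],
        # Summing a valid header including its checksum field gives 0xFFFF,
        # so the complemented result is 0.
        "checksum_ok": checksum16(raw[:header_len]) == 0,
    }


if __name__ == "__main__":
    sample = build_header("192.168.1.26", "62.149.128.160", payload_len=40)
    for name, value in parse_ipv4_header(sample).items():
        print("%-16s %s" % (name, value))
```

A header whose checksum does not verify, or whose length fields contradict each other, should be dropped or logged rather than interpreted further.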


• IPv6 is a type of logical addressing, deployed in 1998. It is the future network 
addressing and is rarely used for now, due to the established use of IPv4 and the 
costs of hardware replacement. 


Example of IPv6: 2002:83D8:9016:0:0:0:0:0 (successive fields with the value 
0 can be represented by a pair of colons (::), so our IPv6 address can be 
written as 2002:83D8:9016::). 


We have 8 positions separated by a colon “:”; each position is written in 
hexadecimal characters (base 16) and holds 16 bits, i.e. each 4 bits represent 1 
hexadecimal character, so the length = 8 x 16 = 128 bits (16 bytes). 


Number: the number of IPv6 addresses in theory is 2^128, or 
340,282,366,920,938,463,463,374,607,431,768,211,456. 


Configuration: IPv6 supports autoconfiguration. 
Version (4 bits) | Traffic Class (8 bits) | Flow Label (20 bits) 
Payload Length (16 bits) | Next header (8 bits) | Hop Limit (8 bits) 
Source Address (128 bits) 
Destination Address (128 bits) 


Figure 48: IPv6 Header 


Types of IP Address: there are four types of IP address: 
> Private or Local 
> Public 
> Static 
> Dynamic (requires DHCP) 


Reserved IP addresses 


These addresses are reserved by the Internet Engineering Task Force (IETF) and the 
Internet Assigned Numbers Authority (IANA) for special purposes. 


# | IPv4 Address block | Purposes of IPv4 Address block | IPv6 Address block (CIDR) 
1 | 0.0.0.0/8 | This host on this network | ::/0 (Default route) 
2 | 10.0.0.0/8 | Private-Use Networks | ::/128 (Unspecified) 
3 | 100.64.0.0/10 | Shared Address Space | ::1/128 (Loopback) 
4 | 127.0.0.0/8 | Loopback | ::ffff:0:0/96 
5 | 169.254.0.0/16 | Link Local | ::ffff:0:0:0/96 
6 | 172.16.0.0/12 | Private-Use Networks | 64:ff9b::/96 
7 | 192.0.0.0/24 | IETF Protocol Assignments | 64:ff9b:1::/48 
8 | 192.0.0.0/29 | DS-Lite | 100::/64 
9 | 192.0.2.0/24 | Documentation (TEST-NET-1) | 2001:0000::/32 
10 | 192.168.0.0/16 | Private-Use Networks | 2001:20::/28 
11 | 192.88.99.0/24 | 6to4 Relay Anycast | 2001:db8::/32 
12 | 198.18.0.0/15 | Network Interconnect Device Benchmark Testing | 2002::/16 
13 | 198.51.100.0/24 | Documentation (TEST-NET-2) | fc00::/7 
14 | 203.0.113.0/24 | Documentation (TEST-NET-3) | fe80::/10 
15 | 224.0.0.0/4 | Internet (In use for IP multicast) | ff00::/8 
16 | 233.252.0.0/24 | Documentation (MCAST-TEST-NET) | 
17 | 240.0.0.0/4 | Reserved for Future Use | 
18 | 255.255.255.255/32 | Limited Broadcast | 

Network Address Translation (NAT) is a mechanism for translating private IP 
addresses to global addresses. 


> NAT is a solution for not wasting public IP addresses. For example, one defined 
public IP address can serve multiple hosts or private addresses. 


> NAT is defined in RFC 1631. 


Types of NAT 
> Static Address Translation (Static NAT) 
One-to-One address mapping. 
> Dynamic Address Translation (Dynamic NAT) 
Many-to-Many address mapping. 
> Port Address Translation (PAT) / NAT Overloading 
Many-to-One address mapping, differentiation at TCP port level. 
> Port forwarding. 


5.3 Related Hardware 


Network Interface Controller (NIC) 


NIC, Network Interface Card, or network adapter allows you to connect a device to a 
network by establishing a wired or wireless connection. 


> Media Access Control (MAC) Address is unique and is a type of physical 
addressing. The address, in hexadecimal format (on 48 bits), contains 
alphanumeric characters (0-9 and A-F). For example 0013:96FF:FE12:2346. 
The MAC address changes during transmission. 


Hub device 


A hub connects multiple devices together. It has no intelligence about where to send the 
information, so if computer A sends a packet to computer B, computer B and all other 
computers connected to this hub will receive the same packet. 


Switch device 


The mission of a typical (layer 2) switch is to transmit data from one device to 
another based on MAC address. 


> Allows the configuration of VLANs. 


Router device 


> The router is responsible for routing traffic between networks. 
> Finds the best and shortest route to transfer the traffic to its destination. 
> Without a router, communication between networks is impossible. 
> A router is a specialized computer which has a processor, memory/storage and an 
OS. 
> A router uses NICs and specific ports to communicate with other networks. 


Hardware | Location in OSI Model 
Router | L3 
Switch L3 | L2/L3 
Switch L2 | L2 
Hub | L1 
Repeater | L1 
NIC | L1/L2 
Bridge | L2 
Access Point Wi-Fi | L1/L2 
Wlan Controller | L2/L3/L7 
Network Wire | L1 
Firewall | L4 


5.4 The 3-Way TCP handshake 


To establish a connection, TCP uses a three-way handshake: each device must send a 
SYN (SYNchronize message) and receive an ACK (ACKnowledge message) for it from 
the other device. The following figure shows how a conventional connection is 
established between a client and a server, showing the three messages sent during the 
process and how each device transitions from the Closed state through intermediate 
states until the session is Established. 


Client                          Server               With real example 
Closed                          Closed 
                                Listen 
SYN      ------------------->                        --> SYN=1000 
         <-------------------   SYN-ACK              <-- SYN=2000, ACK=1001 
ACK      ------------------->                        --> ACK=2001 


Connection Established 
The client and server are ready for normal data transfer operations 


Figure 49: Three-Way TCP Handshake Task 


To terminate or close the connection, TCP does the following three steps of exchange: 


Client                          Server 
FIN      -------------------> 
         <-------------------   ACK (or FIN + ACK) 
         <-------------------   FIN 
ACK      -------------------> 


Figure 50: TCP disconnection 


TCP message types 


> SYN: is used to initiate and establish a connection. It also helps you to 
synchronize the sequence numbers between devices. 


> ACK: helps to confirm to the other side that it has received the SYN. 


> SYN-ACK: SYN message from the local device and ACK of the earlier packet. 


> FIN: is used to terminate a connection. 
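

A checker for the handshake in Figure 49, added here as an illustration and not taken from the book: it replays observed segments and reports whether each connection reached Established, stalled part-way, or carried a wrong acknowledgment number. The Segment tuple, the state names SYN_SENT, SYN_RECEIVED and BAD_ACK, and the sample segments are constructed for this example.

```python
from collections import namedtuple

# One observed TCP segment: endpoints, flags, sequence and acknowledgment numbers.
Segment = namedtuple("Segment", "src dst flags seq ack")

MOD = 2 ** 32  # sequence numbers are 32 bits wide and wrap around


def handshake_state(segments, client, server):
    """Replay the segments of one connection and return the state it reached."""
    state, client_isn, server_isn = "CLOSED", None, None
    for seg in segments:
        flags = frozenset(seg.flags.split("+"))
        from_client = (seg.src, seg.dst) == (client, server)
        from_server = (seg.src, seg.dst) == (server, client)
        if state == "CLOSED" and from_client and flags == {"SYN"}:
            client_isn, state = seg.seq, "SYN_SENT"
        elif state == "SYN_SENT" and from_server and flags == {"SYN", "ACK"}:
            # The server must acknowledge the client's SYN: ACK = SYN + 1.
            if seg.ack != (client_isn + 1) % MOD:
                return "BAD_ACK"
            server_isn, state = seg.seq, "SYN_RECEIVED"
        elif state == "SYN_RECEIVED" and from_client and flags == {"ACK"}:
            # The client must acknowledge the server's SYN the same way.
            if (seg.ack != (server_isn + 1) % MOD
                    or seg.seq != (client_isn + 1) % MOD):
                return "BAD_ACK"
            state = "ESTABLISHED"
        elif state == "ESTABLISHED":
            break  # handshake complete; what follows is data transfer
        # Retransmissions and unrelated segments leave the state unchanged.
    return state


def summarize(flows):
    """flows: {(client, server): [Segment, ...]} -> {state: [(client, server), ...]}"""
    result = {}
    for (client, server), segs in flows.items():
        result.setdefault(handshake_state(segs, client, server), []).append(
            (client, server))
    return result


# Constructed sample traffic (documentation address ranges).
SRV = "198.51.100.5:443"
A, B, C, D = ("192.0.2.10:51000", "192.0.2.11:51001",
              "192.0.2.12:51002", "192.0.2.13:51003")
SAMPLE_FLOWS = {
    # The exchange of Figure 49: SYN=1000, SYN=2000/ACK=1001, ACK=2001.
    (A, SRV): [Segment(A, SRV, "SYN", 1000, 0),
               Segment(SRV, A, "SYN+ACK", 2000, 1001),
               Segment(A, SRV, "ACK", 1001, 2001)],
    # The client never sends the final ACK; the server retransmits its SYN-ACK.
    (B, SRV): [Segment(B, SRV, "SYN", 5000, 0),
               Segment(SRV, B, "SYN+ACK", 7000, 5001),
               Segment(SRV, B, "SYN+ACK", 7000, 5001)],
    # The SYN-ACK acknowledges the wrong number (9000 instead of 9001).
    (C, SRV): [Segment(C, SRV, "SYN", 9000, 0),
               Segment(SRV, C, "SYN+ACK", 3000, 9000)],
    # Initial sequence number at the top of the 32-bit range: ACK wraps to 0.
    (D, SRV): [Segment(D, SRV, "SYN", MOD - 1, 0),
               Segment(SRV, D, "SYN+ACK", 42, 0),
               Segment(D, SRV, "ACK", 0, 43)],
}

if __name__ == "__main__":
    for state, members in summarize(SAMPLE_FLOWS).items():
        print(state, [client for client, _ in members])
```

Connections that stay in SYN_RECEIVED hold resources on the server without ever carrying data, so a growing count of them is worth monitoring.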


TCP and UDP Protocols and their Differences 


TCP 


Transmission Control Protocol (TCP) is used for data transmission. 


> TCP is a connection-oriented protocol. Connection-orientation means that the 
communicating devices should establish a connection before transmitting data 
and should close the connection after doing this. 


> TCP is reliable as it guarantees delivery of data to the destination router. 


> TCP is used by HTTP, HTTPS, FTP, SMTP and Telnet. 


UDP 


User Datagram Protocol (UDP) is used by programs to send short datagram 
messages. 


> UDP is a datagram-oriented protocol. This is because there is no overhead for 
opening a connection, maintaining a connection, and terminating a connection. 
UDP is efficient for broadcast and multicast types of network transmission. 


> The delivery of data to the destination cannot be guaranteed in UDP. 


> UDP is used by DNS, DHCP, TFTP, SNMP, RIP, and VoIP. 


5.5 Most important services and protocols 


System port numbers (TCP/UDP port numbers) for networking range from 1 to 65535; 
ports are used to establish communications. Below we describe some important 
protocols (a protocol is a set of rules for formatting and processing data, a kind of 
common language that lets computers understand each other), each with its default 
port (logical communication endpoint) and an indication of its safety: 


1. Internet Control Message Protocol (ICMP, port: None, not secure) - messages are 
used for diagnostic or error-generating purposes. ICMP is a network layer protocol (not 
a transport layer protocol). However, if the service “echo” with port number 7 (both TCP 
and UDP) is available in the system, it could be used instead of ICMP to perform a 
“ping”. (The ICMP echo request/reply messages are commonly known as ping 
messages.) 


2. Domain Name System (DNS, port: 53, not secure) — By default DNS runs over 
UDP, and it organizes hostnames in a domain hierarchy. DNS is the phone 
book of the Internet. When you visit shareforshow.com or any other site, your browser 
asks a DNS resolver for the IP address where the website can be found. These DNS 
queries and answers are typically unprotected. 


3. Hypertext Transfer Protocol (HTTP, port: 80, not secure) — application protocol that 
uses hyperlinks between nodes containing text. 


4. Hypertext transfer protocol secure (HTTPS, port: 443, secure) — is a secure version 
of HTTP, which is the primary protocol that is used to send data between a web 
browser and a website. HTTPS is encrypted in order to increase security of data 
transfer. This is particularly important when users transmit sensitive data, for instance 
by logging into a bank account, email service, or health insurance provider. 


5. The WebSocket Protocol (WS, port: 80, not secure; WSS, port: 443, secure) enables 
two-way communication between a client running untrusted code in a controlled 
environment and a remote host that has opted in to communications from that code. 
The security model used for this is the origin-based security model commonly used by 
web browsers. The protocol has two parts: a handshake and a data transfer. 
Both WS and WSS run over a single TCP connection and are compatible with HTTP 
and HTTPS. 


6. Post Office Protocol (POP, default port: 110, not secure; secure port: 995, secure) - 
is used by local email clients to retrieve email from a remote server over TCP/IP. 


7. Internet Message Access Protocol (IMAP, default port: 143, not secure; secure port: 
993, secure) — a communication protocol used by email clients to retrieve messages 
from a mail server over TCP/IP. 


8. Simple Mail Transfer Protocol (SMTP, port: 25 or 587, not secure) is used to send 
mail. 


9. The SSH protocol (also referred to as Secure Shell) (SSH, port: 22, secure) is a 
method for secure remote login from one computer to another and for executing 
commands on a remote machine. 


10. Remote Desktop Protocol (RDP, port:3389, secure) — allows end users to connect 
to a desktop from a different machine. 


11. Telnet (telnet, port: 23, not secure) — is a client-server protocol. The purpose of the 
TELNET Protocol is to provide a fairly general, bi-directional, eight-bit byte oriented 
communications facility. Its primary goal is to allow a standard method of interfacing 
terminal devices and terminal-oriented processes to each other. It is envisioned that 
the protocol may also be used for terminal-terminal communication ("linking") and 
process-process communication (distributed computation). 


12. SSH File Transfer Protocol (SFTP, port: 22, secure) — is probably the most widely 
used secure file transfer protocol today. It runs over SSH. 


13. File Transfer Protocol (FTP, port: 21, not secure) — a protocol to transfer computer 
files from a server to a client and vice versa. 


14. Lightweight Directory Access Protocol (LDAP, port: 389, not secure; LDAPS (LDAP 
over SSL/TLS), port: 636, secure) — access and maintain directory information services. 


15. Server Message Block (SMB, port: 445, 139 (old version), N/A) — protocol for 
sharing files. 


16. Common Internet File System (CIFS, port: 137, 138 (for UDP), 139, 445 (for TCP), 
N/A) — particular implementation of SMB, provides shared access to files and 
printers. 


17. MySQL (MySQL, port: 3306, secure) — MySQL protocol is used between MySQL 
client and MySQL server to query and manage database. 


18. Dynamic Host Configuration Protocol (DHCP, port: 67 (for server, UDP), 68 (for 
client, UDP), not secure) — is a client/server protocol that automatically provides an IP 
host with its IP address and other related configuration information. 


19. Network Time Protocol (NTP, port: 123 (UDP), not secure) — is for clock 
synchronization between devices or computer systems. NTS (Network Time Security) is 
a security solution for NTP. 


To protect ports and services, you should at least configure the firewall and software 
correctly and always keep the software version up to date. 


5.6 Network addresses calculation 


An IPv4 address has the form "w.x.y.z", as seen above, with 8 bits (1 byte) in 
each position (w, x, y or z). 


Example: 
192.168.1.26 (Class C) = 11000000.10101000.00000001.00011010 
10.0.0.5 (Class A) = 00001010.00000000.00000000.00000101 


We distinguish five classes of IPv4 addresses according to the first position "w" of the 
IP address. The assigned classes of IPv4 addresses are: 


> Class A: 0 to 127 (1.0.0.1 to 126.255.255.254) 
> Class B: 128 to 191 (128.1.0.1 to 191.255.255.254) 
> Class C: 192 to 223 (192.0.1.1 to 223.255.254.254) 
> Class D: 224 to 239 (224.0.0.0 to 239.255.255.255) 
> Class E: 240 to 255 (240.0.0.0 to 254.255.255.254) 


Example of a real public address: 62.149.128.160. 


Example of private Address: 


> 10.0.0.0/8 is used for addressing the network of high school and enterprise with 
netmask of 8 bits. 


> 172.16.0.0/12 with netmask of 12 bits. 


> 192.168.0.0/16 for addressing LAN at home/enterprise with netmask of 16 or 24 
bits. 


Subnet (or subnetwork) is a network inside a network: when a network is divided 
into many segments, each of them is a subnet. Subnetting makes traffic access 
time shorter and reduces the paths, i.e. traffic does not pass through unnecessary routers. 


Netmask of a subnet indicates the number of bits of the IP(v4) address used for 
identifying the subnet and the number of bits which characterize the hosts. 


Broadcast: a broadcast address is a special type of networking address that is 
reserved for sending messages to all nodes (i.e., devices attached to the network) on a 
given network or network segment. 


/8 = 11111111.0.0.0 = 255.0.0.0 
/16 = 11111111.11111111.0.0 = 255.255.0.0 
/24 = 11111111.11111111.11111111.0 = 255.255.255.0 


/30 = 11111111.11111111.11111111.11111100 = 255.255.255.252, this is the most 
common netmask for WAN, to address a point-to-point link or two routers in the network. 


Example 

192.168.1.0/24 => Network or subnet address 
192.168.1.2 => Host’s IP (host takes number 2) 
192.168.1.254 => Last host’s IP address 
192.168.1.255 => Broadcast address 
255.255.255.0 => Netmask 

192.168.1.2 
255.255.255.0 
==> The first three bytes don’t change. The first three bytes of the private IP, combined 
with the first three bytes of the netmask, correspond to the same bytes of the subnet 
(192.168.1.0). For the fourth byte, 0 in the subnet address, we have the total range 
[0-255] to make the host’s address, i.e. the possible private IP addresses are 
192.168.1.[1-254]. 


The following example indicates how we can calculate and find the different addresses: 


Calculation 


We have a private IP address 192.168.1.26 with a netmask of 20 bits, which we write 
as 192.168.1.26/20 = 20 bits of 1 from left to right: 
11111111.11111111.11110000.00000000 


Then, in accordance with CIDR: 
pos is the position of the byte in the netmask address, 
pos1.pos2.pos3.pos4 -> must satisfy pos1 ≥ pos2 ≥ pos3 ≥ pos4 (≥: superior or equal) 
So, if we have: 255.0.255.0 -> false because pos2 < pos3 
255.255.255.0 -> true, verified 
Returning to our IP: 
192.168.1.26/20 means with netmask 20: 255.255.240.0 


To combine the IP address and the netmask address in binary, we use, as is known, 
the logic AND: 


x . 255 = x ; 255 is 11111111 ('.' is a logic "AND") 
x . 0 = 0 
0 . 0 = 0 
0 . 1 = 0 
1 . 0 = 0 
1 . 1 = 1 


So 


a. Calculate Network Address (@network = ?) 
@network = 192.168.?.0 


192.168.1.26 
. 255.255.240.0 
= 192.168.0.0 because: 

pos1: 
192 . 255 = ? = pos1 
where 192 is 11000000 
and 255 is 11111111 -> 11000000 . 11111111 = 11000000 = 192 


pos2: 
168 . 255 = ? = pos2 
where 168 is 10101000 
and 255 is 11111111 -> 10101000 . 11111111 = 10101000 = 168 


pos3: 
1 . 240 = ? = pos3 
where 1 is 00000001 
and 240 is 11110000 -> 00000001 . 11110000 = 00000000 = 0 


pos4: 
26 . 0 = 0 = pos4 


=> @network = 192.168.0.0 


b. Calculate the broadcast Address (@broadcast = ?) 


Taking the network address and the netmask address, every bit which is zero "0" in 
@netmask becomes one "1" in @network, so: 


192.168.00000000.00000000 
255.255.11110000.00000000 


=> @broadcast = 192.168.00001111.11111111 = 192.168.15.255 


c. Calculate the first Address (@first = ?) 
@first = @network + 1 = 192.168.0.0 + 1 = 192.168.0.1 


d. Calculate the last Address (@last = ?) 
@last = @broadcast - 1 = 192.168.15.255 - 1 = 192.168.15.254 


e. Total Addresses Number (@ntotal = ?) 
@ntotal = 2^n, where n is the number of 0s in the netmask address: 
255.255.240.0 -> 11111111.11111111.11110000.00000000 => n = 12 -> 2^12 = 4096 


f. Addressable Addresses (@addr = ?) 
@addr = @ntotal - 2 (two addresses, @network and @broadcast) = 4096 - 2 = 4094 


g. Division to subnets 

Example 

@network = 192.144.78.0/24 

To get 4 possibilities or 4 subparts we need 00, 01, 10, 11, so we reserve the first 2 bits 
on the left of "z": 

=> 192.144.78.00000000/24 (/26, '+ 2 bits') 

=> 192.144.78.0 (00000000 = 0) 
192.144.78.64 (01000000 = 64) 
192.144.78.128 (10000000 = 128) 
192.144.78.192 (11000000 = 192) 


For 5 possibilities we need to reserve the first 3 bits on the left, but here we lose 
addresses. 


Problem solved with a Python program that includes other features: 


#!/usr/bin/python3

# requirements: pip3 install termcolor netaddr
import ipaddress  # standard library, used for the private-address test

from netaddr import IPNetwork
from termcolor import colored

# Computing the Network Addresses:
# Calculate the network address (@network ?)
# Calculate the broadcast address (@broadcast ?)
# Calculate the first address (@first ?)
# Calculate the last address (@last ?)
# Total addresses number (@ntotal ?)
# Addressable addresses (@addr)
# Division to subnets

IP = input(colored('Give IP Address with netmask like 192.168.1.2/24 to Calculate Network Addresses: ', 'blue'))
ip = IPNetwork(IP)

print(colored('Your IP is:', 'green'))
print(ip.ip, "=", ip.ip.bits())

print(colored('IP version is:', 'green'))
print("IPv", ip.version)

print(colored('Is it Unicast?', 'green'))
print(ip.ip.is_unicast())

print(colored('Is it Multicast?', 'green'))
print(ip.ip.is_multicast())

# IPAddress.is_private() is deprecated and absent from recent netaddr
# releases, so the standard library is used for this test.
is_private = ipaddress.ip_address(str(ip.ip)).is_private
print(colored('Is it Private?', 'green'))
print(is_private)

print(colored('Is it Public?', 'green'))
print(ip.ip.is_unicast() and not is_private)

print(colored('@Netmask is:', 'green'))
print(ip.netmask, "=", ip.netmask.bits())

print(colored('@Hostmask is:', 'green'))
print(ip.hostmask, "=", ip.hostmask.bits())

print(colored('@Network is:', 'green'))
print(ip.network, "=", ip.network.bits())

print(colored('@Broadcast is:', 'green'))
print(ip.broadcast, "=", ip.broadcast.bits())

print(colored('First address is:', 'green'))
print(ip[1], "=", ip[1].bits())

print(colored('Last address is:', 'green'))
print(ip[-2], "=", ip[-2].bits())

print(colored('Number of hosts:(Total addresses Number)', 'green'))
print(ip.size, "=", bin(ip.size))

print(colored('Addressable addresses:', 'green'))
print(ip.size - 2, "=", bin(ip.size - 2))

# Divide the network into /26 subnets and number them from 1
print(colored('@Subnets:', 'green'))
subnets = ip.subnet(26)
j = 0
for i in subnets:
    j = j + 1
    print('subnet', j, 'is', i)

print(colored('Reverse IP lookups for DNS:', 'green'))
print(ip.ip.reverse_dns)


Output 


Give IP Address with netmask like 192.168.1.2/24 to Calculate Network Addresses: 
192.168.1.18/24 
Your IP is: 
192.168.1.18 = 11000000.10101000.00000001.00010010 
IP version is: 
IPv 4 
Is it Unicast? 
True 
Is it Multicast? 
False 
Is it Private? 
True 
Is it Public? 
False 
@Netmask is: 
255.255.255.0 = 11111111.11111111.11111111.00000000 
@Hostmask is: 
0.0.0.255 = 00000000.00000000.00000000.11111111 
@Network is: 
192.168.1.0 = 11000000.10101000.00000001.00000000 
@Broadcast is: 
192.168.1.255 = 11000000.10101000.00000001.11111111 
First address is: 
192.168.1.1 = 11000000.10101000.00000001.00000001 
Last address is: 
192.168.1.254 = 11000000.10101000.00000001.11111110 
Number of hosts:(Total addresses Number) 
256 = 0b100000000 
Addressable addresses: 
254 = 0b11111110 
@Subnets: 
subnet 1 is 192.168.1.0/26 
subnet 2 is 192.168.1.64/26 
subnet 3 is 192.168.1.128/26 
subnet 4 is 192.168.1.192/26 
Reverse IP lookups for DNS: 
18.1.168.192.in-addr.arpa. 
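

Steps a to g of the calculation carried out with plain bitwise operations instead of a library, as an added example that is not part of the book's program. It goes slightly further than the text: the netmask test checks that the 1 bits are contiguous (stricter than comparing the bytes in order), and /31 and /32 prefixes are handled separately; all function names are chosen here.

```python
FULL = 0xFFFFFFFF  # 32 bits, all set


def to_int(dotted: str) -> int:
    """'192.168.1.26' -> 32-bit integer; rejects malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError("not a dotted-quad IPv4 address: %r" % dotted)
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (FULL << (32 - prefix)) & FULL


def mask_is_valid(mask: str) -> bool:
    """True only if the mask is a run of 1 bits followed by a run of 0 bits."""
    host_bits = ~to_int(mask) & FULL
    # A contiguous block of low 1 bits plus one is a power of two (or 2^32).
    return (host_bits & (host_bits + 1)) == 0


def parse_cidr(cidr: str):
    addr, sep, prefix = cidr.partition("/")
    if not sep or not prefix.isdigit():
        raise ValueError("expected address/prefix, got %r" % cidr)
    return to_int(addr), int(prefix)


def calculate(cidr: str) -> dict:
    ip, prefix = parse_cidr(cidr)
    mask = prefix_to_mask(prefix)
    network = ip & mask                       # step a: logic AND
    broadcast = network | (~mask & FULL)      # step b: host bits set to 1
    total = 1 << (32 - prefix)                # step e: 2^n, n = zero bits in mask
    if prefix >= 31:
        # /31 point-to-point links and /32 hosts have no separate
        # network or broadcast address to subtract.
        first, last, usable = network, broadcast, total
    else:
        first, last, usable = network + 1, broadcast - 1, total - 2  # c, d, f
    return {
        "netmask": to_dotted(mask),
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "first": to_dotted(first),
        "last": to_dotted(last),
        "total": total,
        "addressable": usable,
    }


def split(cidr: str, parts: int) -> list:
    """Step g: reserve enough leading host bits to get at least `parts` subnets."""
    ip, prefix = parse_cidr(cidr)
    extra_bits = max(parts - 1, 0).bit_length()   # 4 -> 2 bits, 5 -> 3 bits
    new_prefix = prefix + extra_bits
    if new_prefix > 32:
        raise ValueError("not enough host bits for %d subnets" % parts)
    base = ip & prefix_to_mask(prefix)
    step = 1 << (32 - new_prefix)
    return ["%s/%d" % (to_dotted(base + i * step), new_prefix)
            for i in range(1 << extra_bits)]


if __name__ == "__main__":
    print(calculate("192.168.1.26/20"))
    print(split("192.144.78.0/24", 4))
    for m in ("255.255.240.0", "255.0.255.0", "255.254.252.0"):
        print(m, mask_is_valid(m))
```

The mask 255.254.252.0 has its bytes in descending order yet is rejected, because its 1 bits are not contiguous.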


5.7 Data transmission 


Data Transmission is a process of transferring and receiving data (a digital bitstream, 
digitized analog signal) between devices (transmitter, receiver) over some physical 
transmission medium (over a point-to-point or point-to-multipoint communication 
channel). The communication (or transmission) is in the form of electromagnetic waves 
(such as an electrical voltage, radio wave, microwave, or infrared signal). 


Transmission Terminology 
• Simplex 
> Send or receive, i.e. signals transmitted in one direction. 
> For example: television, radio, computer to printer. 
• Half duplex 
> Send and receive, but only one way at a time. 
> For example: police radio, CB radio, walkie-talkie. 
• Full duplex 
> Send and receive simultaneously (simultaneous transmissions). 
> For example: telephone, Wi-Fi, social networking, multiplayer games. 


Physical Transmission Media 
• Twisted wire (twisted pair) 
> Analog signal. 
> Digital signal. 
> MODEM. 
• Coaxial cable. 
• Fiber optics and optical media 
> Fiber optic cable. 
> Backbone. 
> Optical networks. 
• Wireless transmission 
> Microwave systems. 
> Satellites. 
> Cell towers. 
• Transmission speeds 
> BPS / Baud. 
> Hertz. 
> Bandwidth. 


Signal types 


A signal is an electric current or electromagnetic field that conveys data from one place 
to another (between two devices). A signal can take a simple form such as current, 
or other forms: voltage variation, light pulse, modulation of an electromagnetic 
wave, etc. In electronics, there are two main types of signals used: 


> Analog signal 


[Axis label: Amplitude] 
Figure 51: Analog Signal 


> Digital signal 


[Axis label: Amplitude] 
Figure 52: Digital signal 


Example with modem (Modulator-Demodulator): 


[Diagram labels: Analog Signal, Digital Signal] 
Figure 53: Converting signals 

The characteristics of the path (channel) 

- It carries electromagnetic waves. 

- The signal must meet certain characteristics (of the wave). 

- Simple form and complex form of sinusoidal function. 


- Signal attenuation is the decrease in amplitude of the signal; it is mainly 
caused by: 


> Atmosphere factor. 
> Electromagnetic fields. 
> Distance between E/R separating the two ends. 
> Quality of the path (zinc, copper, fiber, etc.). 


[Diagram labels: Emitted Signal, Attenuated Signal] 
Figure 54: Signal attenuation 


The attenuation is measured in decibels (dB). 


In practice for long distances, coils are added at regular intervals to amplify the 
signal. 


- Phase shift designates the delay of the transmitted signal compared to the received 
signal. 


[Diagram labels: Transmitted Signal, Received Signal] 
Figure 55: Phase shift 


The phase shift is important for the receiver so that it knows when to sample the 
signal (interpret the signal). 


The phase shift depends on the nature of the line and the distance. 


- Bandwidth: the bandwidth of a transmission path for a given attenuation A is the 
frequency interval in which the attenuation is less than or equal to A (≤ A). 


[Axis label: Frequency] 
Figure 56: Bandwidth 
The frequency band is expressed with two bounds F1, F2: 
Bandwidth = [F1, F2] = F2 - F1. 


- Bit rate (as a variable R): we call bit rate the maximum number of binary symbols 
transmitted per second (bit/s) over a path. D = n R, n: number of bits per elementary 
moment. 


- Elementary moment (T in seconds) is the duration during which the signal is not 
modified. 


- Baud rate is a measure of how many times a signal changes (or could change) per 
second. 


- Bps (bits per second) is a measure of how many bits can be transmitted during one 
pulse (one baud) (or, bps is simply the number of bits transmitted per second). Bps = 
baud * number of bits per baud. 


- Modulation speed (S in bauds “bd”) is the number of elementary moments 
transmitted per second. S = 1/T 


[Diagram label: Single Bit] 
Figure 57: Modulation speed 


- Noise is undesired waves in the digital or analog signal that interfere with the original 
message signal and negatively influence the parameters of the signal message, 
resulting in bad quality of signal and data. 


Figure 58: Noise 


- Capacity of a path (channel) designates the maximum amount of binary information 
transmitted over a channel per second. 


The maximum capacity of a channel is given by Shannon’s law:


$C = W \log_2\left(1 + \frac{S}{N}\right)$


W: bandwidth.
S: Signal.
N: Noise.


Shannon’s law takes the noise into account.


Key parameter is signal-to-noise ratio (S/N, or SNR), which is the ratio of the 
power in a signal to the power contained in the noise, typically measured at the 
receiver. 


> Often expressed in decibels. 


$(S/N)_{dB} = 10 \log_{10}\left(\frac{\text{signal power}}{\text{noise power}}\right)$
5.8 Internet and services
Internet


Sometimes the Internet is called the connected Internet. The two words internet and
internetwork are abbreviations of the phrase interconnected network. There is a
difference between internet and Internet (written with capital “I”). The Internet refers to
the worldwide set of interconnected networks. The Internet is an internet, but the
reverse does not apply.


The Internet consists of many groups of networks; one of the most important is:


> Backbones are extended networks used to interconnect other networks. Also 
known as network access points (NAPs) or Internet Exchange Points (IXPs). 
Currently, the backbones consist of commercial entities. 


Many organizations have determined the Internet standards:
> ISOC Internet Society
> IAB Internet Architecture Board
> IETF Internet Engineering Task Force
> IRTF Internet Research Task Force
> ICANN Internet Corporation for Assigned Names and Numbers
> IANA Internet Assigned Numbers Authority


The first network was started by the US Army. Since the United States considers the
Internet to be its invention, it currently governs the Internet around the world.


Speed and services 
Internet Speed 


> Ping (Latency) is used to test the accessibility of a host (e.g., a server) and
gives us the response time in ms (milliseconds).


> Downloading is the process that allows a host (client) to receive data from 
another (server) through the internet. It is measured in Mbps (Megabits per 
second). For example, watching videos on youtube, opening a website, 
receiving an email. 
> Uploading is the process that allows a host (server) to send data to another
one (client) through the internet. It is measured in Mbps (Megabits per second). 
For example, uploading the CV to career website, sending emails, posting 
articles and photos, using your web cam. 


It is known that downloading is faster than uploading on home Internet. This is
because high-speed internet connections, including cable, modems and DSL
(digital subscriber line), are asymmetric. They are designed to offer this
feature, unlike symmetric connections, which offer equal downloading and uploading
speeds. Normal clients are more likely to download than to upload,
which is why Internet service providers (ISPs) have designed their
systems to give priority to downloading.


Fiber optic Internet offers very high-speed internet that gets to 1000 Mbps (1Gbps) or 
faster. It is the future of broadband. 


Measures of bandwidth unit 

1 bit per second (1 bit/s, 1 bps), basic bandwidth unit. 

1 kilobit per second (1 Kbps), 1000 bps = 10^3 bps.

1 megabit per second (1 Mbps), 1 000 000 bps = 10^6 bps.

1 gigabit per second (1 Gbps), 1 000 000 000 bps = 10^9 bps.

1 terabit per second (1 Tbps), 1 000 000 000 000 bps = 10^12 bps.


Services 


IoT (Internet of Things) refers to physical objects (Things) that are intelligently
connected together over the internet. They are embedded with sensors, and other 
technologies to collect and exchange information with other devices and systems. 


VPS is a virtual private server, sometimes referred to as a virtual dedicated server (VDS)
(but not the same technology). You can use this service by becoming a client of a web
hosting service. In fact, a physical machine or server is likely to operate multiple
virtual servers, and you are granted remote access to one of them. For example, an
Ubuntu server with performance features such as processor speed, memory and hard disk
capacities.
> Example of service provider: DigitalOcean, Aruba.it, OVH, AWS (Amazon Web
Services), Microsoft Azure, GCP (Google Cloud Platform).


Cloud computing is a set of services or resources available over network or internet, 
where you can obtain data storage, thus enable user to store files. There are other 
services to share, such as computing power. 


> Example of service provider: Dropbox. 
> To install it on your own server, you can use the ownCloud software.


Private cloud is a type of computing that does not allow sharing resources with others. 
A private cloud user has the cloud for himself. 


Public cloud is a type of computing that allows sharing resources with others (e.g.,
companies) through the Internet. Resources may include storage capabilities.


From experience, it is better to encrypt your data, especially when you use public
data storage, in case of a security breach.


Cloud computing functions 


> IAAS is an Infrastructure As A Service, this model provides hosting (IT 
administrators), getting more control and management of Applications, Data, 
Runtime, Middleware and O/S. Using Dropbox for file storage, Google Compute 
Engine are examples of IAAS. 


> PAAS is a Platform As A Service, this model provides development and building 
(Software developers) with limitation on control and management where 
managing enables only Applications and Data. For example, Google App 
Engine, Heroku. 


> SAAS is a Software As A Service, this model provides the possibility of using 
and consuming (End users) without the availability of managing and controlling 
capabilities. Using Dropbox Paper, Office 365 are examples of SAAS. 


The SSL/TLS Certificate is a type of digital certificate, created to secure the
exchange of information between the client’s web browser and web servers (websites) via
the HTTPS protocol.


> Known authorities for obtaining a valid certificate: DigiCert Inc, Entrust Inc, etc.
> Generating a Self-Signed Certificate valid and free: Let’s Encrypt, SSLChecker.


The World Wide Web (www): according to the World Wide Web project on the
first website at CERN, the WorldWideWeb (W3) is a wide-area hypermedia
information retrieval initiative aiming to give universal access to a large universe of
documents.


The World Wide Web is known also as a Web, it is a collection of web pages or 
websites stored in web servers and connected to devices such as computers, smart 
phones via the Internet. 


URL (Uniform Resource Locator) is an online address that references a web
resource; it is also called a website. For example, the website (www + domain)
www.google.com, which you can type into a web browser to get its web pages. A URL is
also used for other purposes such as file transfer (ftp) and email (mailto).


The Deep Web or hidden web refers to websites or web pages that are not indexed by
the standard web search engines such as Google, DuckDuckGo, Yandex, Baidu, etc. The
ones listed by search engines are mainly the Surface Web.


The Dark Web is a part of the Deep Web, but it is accessible only by specific software 
and over networks such as Tor (“onion routing” project) and I2P (The Invisible Internet 
Project). Using the Tor Browser to surf dark websites, identified by Domain Name (hard 
long string) + ".onion" (a Top-level Domain) is an example. 


5.9 Examples of Topologies and Architecture for an 
Enterprise 


5.9.1 Physical topology — LAN 
Figure 59: Physical topology - LAN


5.9.2 Logical topology - LAN


Labels recovered from the diagram.

Area labels:
> <Ethernet LAN / VLAN> Servers room, Admin office, Meeting room
> <Ethernet LAN / VLAN> Employees and Manager offices
> <WI-Fi WLAN: 192.168.4.0>
> Multiple protection

Links between devices:
> Firewall01/Router: 172.16.1.1 (outside Internet), 172.16.3.1 (outside VOIP)/172.16.1.2
> WWW Router: 192.168.0.1
> Virtual Subnet: 192.168.2.0/24 (Data), 192.168.3.0/24 (Voice)
> Router/Firewall02: 172.16.2.1/172.16.2.2
> Firewall02/Admin01, Admin02, Printer, Servers, AP (Firewall02/AP: 192.168.1.1/192.168.1.10)
> Router/Firewall03: 172.16.4.1/172.16.4.2
> Firewall03/Manager, Mark agent, dev1, dev2, designer (Firewall03/Manager: 192.168.2.1/192.168.2.2)

Network segments:
> Network: 192.168.1.0/24
  Firewall02: 192.168.1.1
  Server/IP: File server (FTP)/192.168.1.4, Backup/192.168.1.5
  PC/IP, printer/IP: Admin01/192.168.1.2, Printer/192.168.1.3
> VLAN01 - Voice
  Network: 192.168.8.0/24
  DHCP-Range: 192.168.8.2-192.168.8.3
  Default-router: 192.168.8.1
  Telephone/IP: Admin02/192.168.8.2, Meeting room/192.168.8.3
> VLAN02 - Data
  Network: 192.168.9.0/24
  DHCP-Range: 192.168.9.1-192.168.9.2
  Default-router: 192.168.9.1
  Laptop/IP: Admin02/192.168.9.2
> Network: 192.168.2.0/24
  DHCP-Range: 192.168.2.2-192.168.2.6
  Firewall03: 192.168.2.1
  Laptop(PC)/IP: Manager/192.168.2.2, Markt Agent/192.168.2.3, Designer/192.168.2.4,
  Dev1/192.168.2.5, Dev2/192.168.2.6
> VLAN03 - Voice
  Network: 192.168.3.0/24
  Default-router: 192.168.3.1
  DHCP-Range: 192.168.3.2-192.168.3.6
  Telephone/IP: Manager/192.168.3.2, Markt Agent/192.168.3.3, Designer/192.168.3.4,
  Dev1/192.168.3.5, Dev2/192.168.3.6
> WI-FI
  Network: 192.168.4.0/24
  DHCP-Range: 192.168.4.2-192.168.4.10
  AP address: 192.168.4.1
  Laptop(PC)/IP: Manager/192.168.4.2, Markt Agent/192.168.4.3, Designer/192.168.4.4,
  Dev1/192.168.4.5, Dev2/192.168.4.6, Admin01/192.168.4.7, Admin02/192.168.4.8


Figure 60: Logical topology - LAN
5.9.3 Website diagram - IAAS


Figure 61: Website - IAAS


5.9.4 Website diagram — IAAS with secured data backup


Figure 62: Website - IAAS with secured data backup


5.9.5 Infrastructure web schema — IAAS with secured data backup


Diagram labels: Infrastructure of the network in the company; VPN remote access:
checkpoint; VPN site to site: cisco; Firewall; Load Balancer; Email Server; Backup Server;
Web Server 01; Web Server 02; Database Server 01; Database Server 02.


Failover:
if db01 fails then
db02 operates automatically;


Figure 63: Infrastructure web schema - IAAS with secured data backup
Chapter 6


Computer programming


“Find out the secret behind computer systems”


6. Computer Programming


Programming in few words 


To make it easier for us to understand: in the computer world, taking any action or
causing an event is a problem in itself. We look for a solution and we write it in a
mathematical language called an algorithm, which people understand in any language.
After that we translate it into a computer language like C, writing it in a
text editor or in a language program and adding some things such as calls to
libraries, so that it takes the form of a C program. Then we compile it
successfully without errors, and in the end we execute the compiled program.


6.1 Programming concepts 


Algorithm (in Arabic: الخوارزمية; the word originates from the name of the
mathematician Al-Khwarizmi (الخوارزمي), to whom the concept of the algorithm in
mathematics is attributed).


It is a method of finite sequenced mathematical and logical steps for solving problems 
by hand or a machine, nowadays it is often oriented to be treated by a computer 
implementation. 


It is perfect if the algorithm is optimal because it helps you avoid wasting memory 
space and execution time, for getting a good performance. 


Complexity of an algorithm is a measure of the amount of runtime or space or other 
relevant computational resources (like communication) required by an algorithm to 
solve one of those problems for an input of a given size (n). 


Writing an algorithm depends on the degree of difficulty of the problem we are about 
to solve. 


One of the essential ways to write an algorithm quickly is to practice a lot
on different exercises and memorize the solution, or rather the way of finding the
solution. The general steps for writing an algorithm are as follows:


> Understanding the problem is half of the solution, as we know.

> Dividing the problem to solve it easily, especially if it is complex by nature.

> Determining things such as the type of algorithm (iterative, recursive,..) and the data
structure you are going to use.

> Doing anything: beginning to write the algorithm will encourage you to
continue.

> Correcting what is false and out of scope.

> Finishing and optimizing: after you finish writing the algorithm, try to improve it
by initializing the variables, removing redundancies, defining and handling all
expected error message cases, etc.


In case of algorithm implementation, choose the programming language most
convenient for solving the problem. Do it at the beginning, after the understanding
step.


Building blocks of algorithms 


An algorithm is solving a problem based on three basic building blocks: sequence 
(executing statements in order, without condition), selection (choosing between 
different actions, with the condition) and iteration (Repetition (loop) of the process 
while the condition is true). 


Flowchart is a graphical representation of an algorithm. There are several symbols
that are applied in a flowchart, such as:


Oval: Start / End; Parallelogram: Input / Output; Diamond: Decision;
Rectangle: Process (Instruction); Arrow: Flow line.


Division example of two integer numbers: Div = x / y.

The algorithm to solve this problem is as follows:

Step 1: Start
Step 2: Read or get two integer numbers as input and store them in the x and y variables
Step 3: If y is equal to zero (0) then
Step 4: Print the message “Division by zero is undefined”
Step 5: else, i.e. if y does not equal 0, then
Step 6: Divide the number x by y and store the result in the div variable
Step 7: Print div
Step 8: Stop


Whereas the flowchart is as follows:

Figure 64: Flowchart of division algorithm (boxes: Read x, y; Write div; Write “Division by zero is undefined”)


Writing the algorithm in a form closer to the computer programming language:

Algorithm division
var x, y, div : integer
begin
    read (x, y)
    if y == 0 then
        write (“Division by zero is undefined”)
    else
        div = x / y
        write (div)
end


Fundamental types of algorithm

> Iterative Algorithm
> Recursive Algorithm
> Brute Force Algorithm
> Randomized algorithm
> Divide and Conquer Algorithm
> Dynamic Programming Algorithm
> Greedy Algorithm
> Backtracking Algorithm
> Branch and bound algorithm


Iterative and recursive algorithm


Iteration and recursion are classified by the implementation method. Iterative
algorithms use a repetitive structure, loops, to solve the problem, whereas the
recursive algorithm (function) uses a selection structure: it calls itself several times,
each time solving a sub-problem until it reaches a stop condition, thus eventually
solving the whole problem. The choice of implementing an iterative or
recursive algorithm may depend on the difficulty of the problem. For example, a complex
problem that is easier to understand and solve in the recursive version is the “Towers
of Hanoi”.


Every problem solved by a recursive algorithm has a solution with an iterative 
algorithm and vice versa. 
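
The equivalence stated above, shown on the Towers of Hanoi as an added example (not code from the book): a recursive version and an iterative version that replaces the call stack with an explicit, fixed-size stack produce the same move sequence. The names hanoi_rec, hanoi_iter, compare_versions and the limit MAX_DISKS are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

#define MAX_DISKS 10                          /* bound chosen for this example */
#define MAX_MOVES ((1u << MAX_DISKS) - 1u)    /* n disks need 2^n - 1 moves */

struct move { char from, to; };
struct move_log { struct move moves[MAX_MOVES]; unsigned count; };

static void record(struct move_log *log, char from, char to)
{
    log->moves[log->count].from = from;
    log->moves[log->count].to = to;
    log->count++;
}

/* Recursive version: the call stack remembers the pending sub-problems. */
static void hanoi_rec(int n, char from, char to, char via, struct move_log *log)
{
    if (n == 0)
        return;                               /* stop condition */
    hanoi_rec(n - 1, from, via, to, log);     /* clear the way */
    record(log, from, to);                    /* move the largest disk */
    hanoi_rec(n - 1, via, to, from, log);     /* rebuild on top of it */
}

/* Iterative version: an explicit, fixed-size stack replaces the call stack. */
struct task { int n; char from, to, via; };

static void hanoi_iter(int n, char from, char to, char via, struct move_log *log)
{
    struct task stack[2 * MAX_DISKS + 1];     /* depth never exceeds 2n - 1 */
    int top = 0;

    stack[top++] = (struct task){ n, from, to, via };
    while (top > 0) {
        struct task t = stack[--top];
        if (t.n == 0)
            continue;
        if (t.n == 1) {
            record(log, t.from, t.to);
            continue;
        }
        /* Push in reverse order so the tasks pop in the recursive order. */
        stack[top++] = (struct task){ t.n - 1, t.via, t.to, t.from };
        stack[top++] = (struct task){ 1, t.from, t.to, t.via };
        stack[top++] = (struct task){ t.n - 1, t.from, t.via, t.to };
    }
}

/* Returns the number of moves if both versions agree, -1 otherwise. */
static int compare_versions(int n)
{
    struct move_log rec = { .count = 0 }, iter = { .count = 0 };

    if (n < 0 || n > MAX_DISKS)
        return -1;                            /* refuse sizes the buffers cannot hold */
    hanoi_rec(n, 'A', 'C', 'B', &rec);
    hanoi_iter(n, 'A', 'C', 'B', &iter);
    if (rec.count != iter.count)
        return -1;
    if (memcmp(rec.moves, iter.moves, rec.count * sizeof rec.moves[0]) != 0)
        return -1;
    return (int)rec.count;
}

int main(void)
{
    for (int n = 1; n <= 4; n++) {
        int moves = compare_versions(n);
        printf("%d disks: %s (%d moves)\n", n,
               moves >= 0 ? "same sequence" : "MISMATCH", moves);
    }
    return 0;
}
```

The iterative form keeps its memory use bounded by a constant known at compile time, which matters when the problem size comes from input the program does not control.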
Brute Force Algorithm


A brute force algorithm tries out all the possibilities until a satisfactory solution is found.
This type of algorithm is used a lot in hacking to find out the credentials of
accounts (usernames and passwords) in many communication protocols such as
HTTP and HTTPS for websites, and SSH.


Simple data types 


Very common data types are:


> Integers.
> Real numbers.
> Characters.
> Strings of characters.


Data structure types and important related algorithms 


Data structure is a way of storing and organizing data for processing by computer
programs. Popular types of data structure are mentioned below:


> Array is the most fundamental data structure. It has a constant number of data
items (elements) that are organized sequentially, which are provided implicitly
(by the position in the array), and that are stored contiguously, and are
accessible by an index. The ith element of an array tab is referred to as tab[i].


> Linked list is a set of items organized sequentially like an array, but we use an
explicit arrangement in which each item is a part of a node that also contains a
link to the next node (an item points to the next). A linked list can grow and shrink in
size during its lifetime, thus there is no need to know the maximum size in
advance.


> Stack is a linear and restricted-access data structure. The elements are
operated on in LIFO (Last In First Out) or FILO (First In Last Out) order with
two operations: push (insert an item at the beginning) or pop (remove an item
from the beginning).


> Queue is a linear and restricted-access data structure. The elements are
arranged based on the FIFO (First In First Out) rule. Only two basic operations are
involved: insert (insert an item into the queue at the beginning) and remove
(remove an item from the end).


> Tree is an abstract object, a nonempty collection of vertices and edges that
satisfies certain requirements. Every two vertices (simple objects or nodes) can
be connected via an edge. A node (vertex) can have a name and can carry
other associated information. A plane tree (or ordered tree) is a rooted tree
which is defined by ordering the outgoing edges of each vertex. Whereas a
binary tree is a plane tree, each vertex of which has at most two
children (typically called left and right child).


The major related algorithms that use data structures to optimize the
code are as follows:


> Search: searching for an element in the data structure.
> Sort: sorting elements in a preferred order in the data structure.
> Insert: inserting an element in the data structure.
> Update: updating an existing element in the data structure.
> Delete: deleting an existing element from the data structure.


A Program is a set of computer instructions that can be read and executed by a
computer to solve a given problem or rather to perform a specific task. In general, the
status of the program varies according to its development and production cycle:


> Source program.
> Compiled program - Incomplete Object Code.
> Compiled program - Object Code (without linking or with: Incomplete Object
Code linked with Library Routines).
> Executed program.


Program and algorithm 


Based on the concepts of both the algorithm and the program, it appears in
general that the program is more than an algorithm. This is because the program
mainly contains the problem-solving instructions that are included in the translated
algorithm, plus other instructions that provide the features needed to implement the
algorithm.


Procedure and function


Procedures and functions are subprograms inside a program. Both can solve a certain
subproblem or a problem. They can be called once or many times in a subprogram or
program, and parameters can be passed to both procedures and functions.


A procedure performs a task without returning a value, unlike a function which returns 
a value such as integer, real, boolean (true or false). 


The C standard does not define a procedure, only a function, unlike Pascal and SQL, which
have both the procedure and the function. In practice, to define a C function that acts as a
procedure, we declare it with the void return type: void dothing (int n).


Programming is the process of instructing a computer in order to solve problems. In 
this way, the programmers write, test, debug, maintain, and save the source code of 
the program, and produce the executable version. 


Programming language is a vocabulary and set of syntax rules comprising a set of
instructions to perform specific tasks that a computer can understand. The computer
programming language is used to implement the algorithm as source code, and it
is usually written in or inspired by the English language.


Programming language types
Below are the common programming language types with examples:


> Procedural Programming Language: BASIC, C, FORTRAN, Java, and Pascal.

> Functional Programming Language: Lisp, Python, Erlang, Haskell, and Clojure.

> Object-oriented Programming Language: C++, C#, Java, and Python.

> Scripting Programming Language: JavaScript/ECMAScript, PHP, Python, Ruby,
Bash, Batch, PowerShell, Groovy, Perl, Lua, VBA, and Emacs Lisp.

> Logic Programming Language: Prolog, ASP (Answer Set Programming), Alice,
and ALF (algebraic logic functional programming language).


Procedural and object-oriented programming languages 


Procedural language follows in sequential order the sequence of instructions, 
specifying what to do and how to do it to solve specific problems. This language uses 
the procedural programming paradigm which treats data and procedures as two 
different entities. Based on the concept of a procedure call, procedural programming 
can divide the program into procedures (routines, subroutines or functions). The main
features of procedural programming are predefined functions, local and global 
variables, modularity, parameter passing. 


Object-oriented language (OOL) uses the object oriented programming (OOP) 
paradigm which is based upon the concept of objects that interact with the real world. 
Objects contain data in the form of attributes and their associated processing (code) in 
the form of methods. The major features in object-oriented programming (OOP) are 
encapsulation, abstraction, polymorphism, and inheritance. 


Programming in C (basic language) the above division problem with the given 
algorithm: 


#include <stdio.h>

int main(void)
{
    int x, y, div;

    scanf("%d %d", &x, &y);        /* read the two integers */
    if (y == 0)
        printf("Division by zero is undefined\n");
    else {
        div = x / y;               /* integer division */
        printf("%d\n", div);
    }
    return 0;
}


Use a function to solve the division problem with a better display, such as printing 
“Type the first number” including some indication: 
#include <stdio.h>                 /* Header (call library) */
/* here we can declare the global variables */

/* Division function with declaration of formal parameters (in function definition) */
int division(int x, int y)
{
    int div;                       /* Local variable declaration */

    div = x / y;
    return div;                    /* the division function returns the div value */
}

/* Main function */
int main()
{
    int x1, y1;                    /* Declaration of local variables in main function */

    printf("Type the first number:\n");
    scanf("%d", &x1);
    printf("Type the second number:\n");
    scanf("%d", &y1);
    if (y1 == 0)
    {
        printf("Division by zero is undefined\n");
    }
    else {
        printf("The result is: %d\n", division(x1, y1));   /* Calling the division function */
    }
    return 0;
}


Figure 65: Body of C program 


Solving the same problem, but using the statement exit (1) (Exit Failure) inside the
function to handle the issue better (the division by 0 condition). Here it means
the abnormal termination of the program, i.e. an error has occurred, which is the
undefined division by zero.


(exit (0) (Exit Success) means successful termination of the program, without any error
or interrupt)
#include <stdio.h>
#include <stdlib.h>

int division(int x, int y)
{
    int div;

    if (y == 0)
    {
        printf("Division by zero is undefined\n");
        exit (1);                  /* abnormal termination (Exit Failure) */
    }
    else {
        div = x / y;
        return div;
    }
}

int main()
{
    int x1, y1;

    printf("Type the first number:\n");
    scanf("%d", &x1);
    printf("Type the second number:\n");
    scanf("%d", &y1);
    printf("The result is: %d\n", division(x1, y1));
    return 0;
}
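
A hardened variant of the division programs above, added here as an example and not taken from the book: it checks that each input really is an integer, reports errors through return codes so that the caller decides how to terminate, and also rejects INT_MIN / -1, whose result does not fit in an int and is undefined behaviour in C. The names parse_int, safe_division, read_int and the status enums are this example's own.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

enum parse_status { PARSE_OK, PARSE_NOT_A_NUMBER, PARSE_OUT_OF_RANGE };
enum div_status { DIV_OK, DIV_BY_ZERO, DIV_OVERFLOW };

/* Convert one input line to an int. Unlike an unchecked scanf("%d"), this
 * rejects empty input, trailing junk such as "12abc", and values that do not
 * fit in an int, so the caller never computes with an uninitialized variable. */
static enum parse_status parse_int(const char *text, int *out)
{
    char *end = NULL;
    long value;

    errno = 0;
    value = strtol(text, &end, 10);
    if (end == text)
        return PARSE_NOT_A_NUMBER;            /* no digits at all */
    while (*end == ' ' || *end == '\t' || *end == '\r' || *end == '\n')
        end++;                                /* tolerate trailing whitespace */
    if (*end != '\0')
        return PARSE_NOT_A_NUMBER;            /* junk after the number */
    if (errno == ERANGE || value < INT_MIN || value > INT_MAX)
        return PARSE_OUT_OF_RANGE;
    *out = (int)value;
    return PARSE_OK;
}

/* Integer division that reports failure instead of calling exit(). */
static enum div_status safe_division(int x, int y, int *result)
{
    if (y == 0)
        return DIV_BY_ZERO;
    if (x == INT_MIN && y == -1)
        return DIV_OVERFLOW;                  /* INT_MAX + 1 does not fit in an int */
    *result = x / y;
    return DIV_OK;
}

/* Prompt, read one line and parse it; returns 0 on success, -1 on error. */
static int read_int(const char *prompt, int *out)
{
    char line[64];

    printf("%s\n", prompt);
    if (fgets(line, sizeof line, stdin) == NULL)
        return -1;                            /* end of input or read error */
    return parse_int(line, out) == PARSE_OK ? 0 : -1;
}

int main(void)
{
    int x1, y1, result;

    if (read_int("Type the first number:", &x1) != 0 ||
        read_int("Type the second number:", &y1) != 0) {
        fprintf(stderr, "Invalid input: expected an integer\n");
        return EXIT_FAILURE;
    }
    switch (safe_division(x1, y1, &result)) {
    case DIV_BY_ZERO:
        fprintf(stderr, "Division by zero is undefined\n");
        return EXIT_FAILURE;
    case DIV_OVERFLOW:
        fprintf(stderr, "Result does not fit in an int\n");
        return EXIT_FAILURE;
    case DIV_OK:
        break;
    }
    printf("The result is: %d\n", result);
    return EXIT_SUCCESS;
}
```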


The number of C language keywords (predefined words reserved for specific
purposes, which must be written exactly as they are) is 32. They are as follows:


auto, double, int, struct, break, else, long, switch, case, enum, register, typedef, char,
extern, return, union, continue, for, signed, void, do, if, static, while, default, goto,
sizeof, volatile, const, float, short, unsigned.


Whereas, the number of keywords in Python (v3.9.2) language is 35: 


False, await, else, import, pass, None, break, except, in, raise, True, class, finally, is, 
return, and, continue, for, lambda, try, as, def, from, nonlocal, while, assert, del, global, 
not, with, async, elif, if, or, yield. 
There are two ways to convert a program in a high-level programming language into
the machine language: compile or interpret it.


Compilation and interpretation 


A compiler is a program that transforms the source code (Source program) written in a 
high-level programming language into the target code (compiled file which is in 
general, the object code) in low-level language (assembly language or machine 
language), at once, before the program runs. The translation can only be done if the 
source code is correct because, if there are errors, the role of the compiler will be 
limited to outputting error messages. 


Figure 66: Role of Compiler (labels: Source Code; Target code (Object code/Machine code); Errors messages)


In the following schema, more details are indicated with the demonstration of the roles 
of the Linker and the Assembler: 

Figure 67: Roles of Compiler, Assembler, and Linker (labels: Input; Source Code; Compiler; Target code (Assembly code); Incomplete object code; Target code (Object code); Errors messages; Output)


Compiler phases
> Lexical analysis.
> Syntax analysis.
> Semantic analysis.
> Intermediate code generation.
> Intermediate code optimization.
> Target code generation.


Compilation leads to better performance in general:
> Allocation of variables without variable lookup at run time. 
> Aggressive code optimization to exploit hardware features. 


The interpreter is a program, which converts each high-level program statement 
(including source code, pre-compiled code, and scripts) one by one, into a machine 
code, during the program run. 


Figure 68: Role of Interpreter (labels: Input; Source Code; Interpreter; Output)


Interpretation leads to better diagnostic of a programming problem: 
> Procedures can be invoked from command line by a user. 
> Variable values can be inspected and modified by a user. 


Assembler is the closest language to the machine or, more precisely, the processor, so
it is the lowest-level programming language that is readable by a human being; after
that there is the machine language, the 0s and 1s. As you see above, I have inserted
the Assembler in the second detailed compiler schema (figure of “Roles of Compiler,
Assembler, and Linker”). In Linux you can assemble the assembly source code
“program_name.asm” with the nasm command and link the output with the ld
command, to get in the end the executable program.


Here, programming is more difficult but the performance is superior to that of high level
languages. An example of assembler instruction:


mov ax, 1234h ; Copies the value 1234hex (4660d or 0001001000110100b) into register AX
-> The machine code corresponding to this instruction is B83412H or in binary:
0000 0000 1011 1000 0011 0100 0001 0010

Related programming language
> Using compiler: C, C++, C#, Java, Pascal, Scala. 
> Using interpreter: Python, Perl, Ruby, PHP. 


> Using assembler: Intel x86 family (backward-compatible assembly languages 
like for microprocessors 8086 (16 bit) and 80386 (32 bit)); MIPS R3000, R4000 
and R8000; x64. 


C and Assembly languages were used to develop Unix (all modern operating
systems have their roots in 1969, when computer scientists Dennis Ritchie and Ken
Thompson developed the C language and the Unix operating system (the first version
of UNIX on a PDP-7 minicomputer) at AT&T Bell Labs). Unix was written in Assembly
language and was rewritten in C. C is one of the most performant high-level languages
(HLL) due to its structure and closeness to the machine
language.


Application programming interface (API)


An API is a software intermediary consisting of a set of functions, protocols, and
tools that allows at least two software programs to communicate by enabling them to exchange
data and functionality easily and securely. The following diagram is an example of
interaction with an API:


Figure 69: Interaction with API (labels: Client; System; API requests; API responses)

6.2 Shell programming


Bash “Bourne-Again SHell” has become a de facto standard for shell scripting on most 
flavors of Unix. Bash is the shell, or a command language interpreter, for the GNU 
Operating system. The shell script is a computer program for automating the shell 
commands to execute the task. Many Linux commands are scripts. 


System administrators need at least a basic knowledge of scripting, even if they do not 
expect to write a script, to understand how their systems (OS, servers and 
applications) are started, stopped, updated, upgraded, patched, maintained, 
configured, and removed, and also to understand how a user environment is built. 


6.2.1 Shell special parameters 


$? : Stores the exit code of the last executed operation in the foreground.


$ ls file.c
file.c
$ echo $?
0


$? : Contains 0, which means true, i.e. the most recent command in the foreground was
executed successfully; otherwise it is false.


$ ls file30.c
ls: cannot access 'file30.c': No such file or directory
$ echo $?
2


$! : Contains the process ID of the last executed command in background.
$0 : Contains the name of the shell or a shell script.
$$ : Contains the process ID of bash shell itself.

You can find more in the man page of bash:


$ man bash | awk '/Special Parameters$/,/Shell Variables$/'


6.2.2 Control operators
Hash sign (Pound sign) “#”


The hash is used to write a comment in shell or in the shell script, as the shell ignores 
the writing after this tag. 


$ mkdir -p dir1/dir2/dir3 # To create a directory tree, one inside the other and so on. 
Semicolon “;” 


By using a semicolon, the shell considers commands to be separated. The commands 
will be executed sequentially. The shell interprets them one at a time. 


Vertical bar “|” 


The vertical bar character represents a pipe. It is used to pipe one command (program) 
into another. That is used to send the output of the first command into the input of the 
second command for further processing. 


$ cat file.c | wc 
5 18 120 


The cat command reads the content of file.c, which is piped by “|” into the wc command,
whose role is to count the number of lines (5), words (18), and characters (120) of this
content.


Ampersand “&” 


When a command line ends with an ampersand “&”, the command is executed in
the background, so you get your shell prompt back. When it finishes executing you
will get a message.


$ mkdir newfolder & 

[1] 3484 

$ 

[1]+ Done mkdir newfolder 


The backslash “\” escaping


The “\” character escapes a special character so that the shell does not interpret it:


$ echo escaping \\\?\*\"\'\#
escaping \?*"'#


End by backslash “\”


If a command line ends with a backslash “\”, the shell does not interpret the newline and
waits for the following line (or lines) until one ends without “\”, as in the following
example in which the command line is split into three parts:


$ echo Hello \
> Students\
> !
Hello Students!


Double ampersand “&&” 


&& is a logical AND. The second command after && will be executed only if the first 
one succeeds (returns a zero (0) exit status). 


Double vertical bar “||” 


|| is a logical OR. The second command after || is executed only when the first
command fails (returns a non-zero (≠0) exit status).


6.2.3 Shell Variables 


Dollar sign “$” 


$ is an important character interpreted by the shell. The shell replaces the string
located after the $ (for example $var1) with its value, if it exists (otherwise with
nothing), after looking for an environment variable with that name.


Examples using $: $HOSTNAME, $USER, $UID, $GUID, $SHELL, $HOME,
$HOSTTYPE, $GROUPS


$ echo This is the $SHELL shell 
This is the /bin/bash shell 


Quotes: "double quotes" and 'single quotes'


$ echo "This is the $SHELL shell" 
This is the /bin/bash shell 


We notice in the example above that double quotes allow the parsing of variables:
the bash shell replaces the variable with its value. Single quotes prevent this,
and the bash shell does not replace the variable with its value, as in the following
example:


kalikal@kali:~$ echo 'This is the $SHELL shell'
This is the $SHELL shell
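

The effect of leaving a variable unquoted, double-quoting it or single-quoting it, shown through the number of arguments a command actually receives. This is an added example, not code from the book; the function names count_args, expansion_counts and classify_answer and the sample values are hypothetical.

```shell
#!/bin/sh
# Added example: how $var, "$var" and '$var' differ in what a command receives.

# count_args prints how many separate arguments the shell passed to it.
count_args() { echo "$#"; }

# expansion_counts VALUE
# Expands VALUE unquoted and double-quoted inside a scratch directory that
# holds file.c and file30.c, and prints both argument counts.
expansion_counts() {
    scratch=$(mktemp -d) || return 1
    : > "$scratch/file.c"
    : > "$scratch/file30.c"
    (
        cd "$scratch" || exit 1
        # Unquoted: the value is split on whitespace, then each word is
        # matched against file names (globbing).
        unquoted=$(count_args $1)
        # Double-quoted: the variable is still replaced by its value, but the
        # result stays one argument, even when it is empty.
        quoted=$(count_args "$1")
        echo "unquoted=$unquoted quoted=$quoted"
    )
    rm -rf "$scratch"
}

# classify_answer ANSWER
# A yes/no check that quotes its input, so an empty answer or one containing
# spaces or wildcards is reported as invalid instead of breaking the test.
classify_answer() {
    case "$1" in
        y|Y) echo yes ;;
        n|N) echo no ;;
        *)   echo invalid ;;
    esac
}

# Constructed sample values, such as a user might type at a prompt.
for value in "Hello   Students" "" "*.c"; do
    printf '%-20s -> %s\n' "[$value]" "$(expansion_counts "$value")"
done
# Single quotes switch expansion off completely: this prints $HOME literally.
echo 'single quotes keep $HOME as typed'
classify_answer "y or n"
```

An unquoted empty value disappears entirely (zero arguments), which is why a test such as [ $answer = "y" ] fails with an error when the user just presses Enter.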


The set command can be used to display a list of environment variables and shell
functions.


$ set | more

Other examples of use:

To make a script stop immediately when a command fails, type:

$ set -e

To turn on the debugging information, type: 
$ set -x 

To turn off the debugging information, type: 
$ set +x 


unset command can be used to remove a variable from a shell environment. Some 
variables cannot be unset. 


$ var=50 

$ echo $var 
50 

$ unset var 
$ echo $var 


(empty) 


env command without options displays a list of exported variables and their values. It 
can run a program in a modified environment. 


$ env 


export command can export shell variables to other shells. This will export the variable 
to child shells. 


$ var1=one 

$ var2=two 

$ export var2 

$ echo $var1 $var2 
one two 

$ bash 

$ echo $var1 $var2 
two


But it will not export to the parent shell. Based on the previous commands, let us 
continue to illustrate this. 


$ export var3=three 

$ echo $var1 $var2 $var3 
two three 

$ exit 

exit 

$ echo $var1 $var2 $var3 
one two 


With env command you can find your exported variable and unset it with the unset 
command. 


$ env|grep var2 
var2=two 


$ unset var2 
$ env|grep var2 
(nothing) 


The PATH variable ($PATH) determines where the shell looks for commands to be
executed (unless the command is a builtin, i.e. contained within the shell itself, or is
aliased).


Show the content of the current $PATH:


$ echo $PATH
/home/kalikal/local/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games

This is a list of directories, separated by colons.


Set the PATH:


To run a command from any directory, we add the directory that contains its file to our
PATH using the following format:


export PATH=$PATH:/location/of/the/file


Example: the executable file “file3” is located in “/home/kalikal”, so to execute it
from anywhere, we do:

$ export PATH=$PATH:/home/kalikal

Now try to run the file:


$ file3
Hello Reader


To remove the last added location from the $PATH, type:

$ PATH=$(echo "$PATH" | sed -e 's/:\/home\/kalikal$//')

To unset the PATH, type:

$ unset PATH


To set the PATH permanently, append the above line (export
PATH=$PATH:/location/of/the/file) to ~/.bashrc (or ~/.profile, ...) and reload the file with the
source command if you want to use it in the current session.
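

Because every directory in $PATH is a place the shell will run programs from, it is worth checking a value before exporting it. The following is an added example, not code from the book: audit_path and append_checked are hypothetical helper names, and the sample PATH value is constructed.

```shell
#!/bin/sh
# Added example: review the entries of a PATH value before exporting it.

# audit_path PATH_VALUE
# Prints one finding per risky entry; returns 1 if there was any finding.
audit_path() {
    path_value=$1
    findings=0
    # A leading, trailing or doubled colon is an empty entry, which the shell
    # searches as the current directory.
    case ":$path_value:" in
        *::*) echo "EMPTY_ENTRY"; findings=1 ;;
    esac
    # Split on colons only, with globbing off, then restore both settings.
    old_ifs=$IFS
    IFS=:
    set -f
    set -- $path_value
    set +f
    IFS=$old_ifs
    for entry in "$@"; do
        [ -n "$entry" ] || continue
        case $entry in
            /*) ;;
            *)  echo "RELATIVE $entry"; findings=1; continue ;;
        esac
        if [ ! -d "$entry" ]; then
            echo "MISSING $entry"; findings=1; continue
        fi
        # Characters 6 and 9 of the mode string are the group and other
        # write bits; anyone holding them can plant a program there.
        case $(ls -ldL "$entry" 2>/dev/null) in
            ?????w*|????????w*)
                echo "GROUP_OR_WORLD_WRITABLE $entry"; findings=1 ;;
        esac
    done
    return "$findings"
}

# append_checked CURRENT_PATH DIR
# Prints CURRENT_PATH with DIR appended at the end (so the system directories
# are still searched first). Fails without output when DIR does not pass
# audit_path; an entry that is already present is not added twice.
append_checked() {
    audit_path "$2" >/dev/null || return 1
    case ":$1:" in
        *":$2:"*) printf '%s\n' "$1" ;;
        *)        printf '%s\n' "$1:$2" ;;
    esac
}

# Constructed sample value: an empty entry, a relative one and a missing one.
audit_path "/usr/bin::bin:/no/such/dir" || echo "findings above: fix before exporting"
# To review the live value, run: audit_path "$PATH"
```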


The PS1 variable ($PS1) determines the shell prompt.
My current value of $PS1 is:


$ echo $PS1
\[\e]0;\u@\h: \w\a\]${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$


\u stands for the username, \w for the working directory, and \h for the hostname.

Change $PS1:

$ PS1=prompt: 

prompt: 


6.2.4 Storing and displaying 


Store and display a character and a number 


$ a=c 
$ echo $a 
c


$ x=1 ; echo $x
1


Store and display phrases


$ a="Hello Programmer!" ; echo $a
Hello Programmer!


$ a="Hello Programmer!" && b="Hello Professor!"
$ echo $a $b
Hello Programmer! Hello Professor!


6.2.5 Arithmetic operations 


Sum of two numbers: 


$ x=15 ; y=10 

$ z=$((x+y)) 

$ echo $z 

25 

Multiplication of two numbers: 


$ x=15 ; y=10 

$ z=$((x*y))

$ echo $z 

150 

Table 

Store items in the table: 
$ tab=("c1" "c2") 

Or: 


$ tab[0]="c1"
$ tab[1]="c2" 


Display the items from the table: 
One by one, the first and the second: 


$ echo ${tab[0]} 
c1
$ echo ${tab[1]} 
c2 


All items: 




$ echo ${tab[@]} 
c1 c2 


Or: 

$ for i in ${!tab[@]};do echo ${tab[i]};done
c1
c2

Or:

$ for((i=0;i<${#tab[@]};i++));do echo ${tab[i]};done
c1
c2

Number of items:


$ echo ${#tab[@]} 
2 


Or: 
$ echo ${#tab[*]} 
2 


Sorting an array (table) contents: 


$ arr=(6 9 2 4 0 8)
$ for i in ${!arr[@]};do echo ${arr[i]};done | sort
0
2
4
6
8
9


6.2.6 Control structures 


Test command 


The test command can test if something is true or false. It returns 0, which means true;
otherwise it returns 1, which means false.


Testing if the integer 16 is greater than 6 or not:

$ test 16 -gt 6 ; echo $?
0 


To display true or false instead of 0 or 1, type: 
$ test 16 -gt 6 && echo true || echo false 
true 


-gt: greater than 

-ge: greater than or equal to 
-lt: less than

-le: less than or equal to 
-eq: equal to 

-ne: not equal to 


Testing if the strings are equal: 


$ test STRING1 = STRING1 ; echo $? 
0 


Testing if the strings are not equal: 


$ test STRING1 != STRING2 ; echo $? 
0 


Test whether the file exists or not: 


$ test -e file.c ; echo $? 
0 


The test command can also be written as square brackets (same above example): 


$ [ -e file.c ] ; echo $? 
0 


It returns 0 which means that the file exists in the current directory. 


-e file: file exists

-d file: file exists and is a directory

-f file: file exists and is a regular file

-w file: file exists and write permission is granted

-x file: file exists and execute (or search) permission is granted

-s file: file exists and has a size greater than zero


The condition structure “if”


The if then else or elif construction is about the selection (choice). If a certain 
condition is met, then execute something, else execute something else, or test a new if 
condition inside an else with elif. fi indicates the end of the condition. 


$ if [ -f file.c ]; then echo "file.c exists!"; else echo "file.c doesn't exist!"; fi 
file.c exists! 


We can write also the above given example in the shell with this form: 


$ if [ -f file.c ]
> then echo "file.c exists!"
> else echo "file.c doesn't exist!"
> fi
file.c exists!


Or with shell script file (bash file):

$ nano test-file.bash


#!/bin/bash
if [ -f file.c ]
then echo "file.c exists!"
else echo "file.c doesn't exist!"
fi


Execute the file:


$ bash test-file.bash 
file.c exists! 


Or: 


$ chmod +x test-file.bash 
$ ./test-file.bash
file.c exists! 


The first line #!/bin/bash is known as the “shebang” (sha-bang). The shebang is the
character sequence consisting of the characters sharp and exclamation mark "#!". It is
used to tell the operating system which interpreter to use to parse the rest of the file.
#!/bin/bash executes the script using the Bash shell. #!/bin/sh executes the script
using the Bourne shell or a compatible shell, with path /bin/sh. The form of the
shebang interpreter directive is as follows: #!interpreter [arguments]


Hereinafter, our shell script files are defined with bash or sh (#!/bin/bash or #!/bin/sh).


Script to display the files list:


#!/bin/sh
echo -n "Do you want to see the list of files [Y/N] : "
read yesno
# "$yesno" is quoted so that an empty answer or one with spaces cannot break the test
if [ "$yesno" = "y" ] || [ "$yesno" = "Y" ]; then
    echo "List of files :"
    ls -la
elif [ "$yesno" = "n" ] || [ "$yesno" = "N" ]; then
    echo "Ok, bye! "
else
    echo "You have to type Y/y (yes) or N/n (no)! And not: $yesno"
fi


Script to find a file:


#!/bin/sh
echo -n "Enter a file name: "
read file
if test -e "$file" ;then
    echo "The file exists!"
else
    echo "The file does not exist, at least it is not in the Script execution directory "
fi


The loop structure “for” 


$ for i in 1 2 3 4; do echo $i; done
1 
2 
3 
4 


Or:

$ for i in {1..4}; do echo $i; done


Or with adding a sleep command:


$ for i in {1..4}; do echo $i; sleep 1; done


This way, the interpreter displays the first number, then waits 1 second before displaying
the second, and so on until the end.


The loop structure “while” 


$ i=0; while [ $i -le 10 ]; do echo Counting up, from 0 to 10, now at $i; sleep 1; let i++; done
Counting up, from 0 to 10, now at 0 
Counting up, from 0 to 10, now at 1 


Counting up, from 0 to 10, now at 10 


The operation let i++ increments the variable i by 1, i.e. i stores (=) i+1 (whereas let i--
is used to decrement the variable i by 1). Other forms can be used to increment or
decrement a variable:


> Incrementing: i=$((i+1)), ((i=i+1)), let "i=i+1", ((i+=1)), let "i+=1", ((i++)), ((++i)),
let "i++", let "++i".
> Decrementing: i=$((i-1)), ((i=i-1)), let "i=i-1", ((i-=1)), let "i-=1", ((i--)), ((--i)),
let "i--", let "--i".


We can make endless loops with “while true” or “while :”:


$ while true; do echo hello; sleep 1; done 
hello 
hello 


The loop structure “until”


$ i=10; until [ $i -le 0 ] ; do echo Countdown, from 10 to 1, now at $i; let i--; done


The selection structure “case”


#!/bin/sh
echo -n "Are you tired ?"
read answer

case "$answer" in
    yes | y | Y | Yes | YES )
        echo "Please! Go take a rest!";;
    "not really" | maybe | half-tired )
        echo "So please! Go make a coffee for us!";;
    no | n | N | No | NO )
        echo "Let's go to work!";;
    * )
        echo "What please!";;
esac
exit 0


exit 0 in a bash script means that the operation(s) succeeded.


exit 1 (or any non-zero value) means that the operation(s) failed.


6.2.7 Script parameters 


#!/bin/bash 

echo The first argument is $1 
echo The second argument is $2 
echo The third argument is $3 
echo \$ \ $0 name of the script 


echo \$ \ $$ PID of the script 
echo \# \ $# count arguments 
echo \? \ $? last return code 

echo \* \ $* all the arguments 


Output of the script (named: scriptparams ) above: 


$ bash scriptparams arg1 arg2 arg3 
The first argument is arg1 

The second argument is arg2 

The third argument is arg3 

$ scriptparams name of the script 
$ 46476 PID of the script 

# 3 count arguments 

? 0 last return code

* arg1 arg2 arg3 all the arguments 


Shift through parameters 


#!/bin/bash
if [ "$#" == "0" ] # Test if there is no argument (empty)
then
    echo Please! give at least one parameter.
    exit 1
fi
while (( $# ))
do
    echo "You gave me as argument (parameter)": $1
    shift # We scroll
done


The output of the script above (named: shiftthrparams.bash) 


$ bash shiftthrparams.bash $ 456+ "hello students" 
You gave me as argument (parameter): $ 

You gave me as argument (parameter): 456+ 

You gave me as argument (parameter): hello students 


We use the same mechanism for adding a list of numbers (Sum): 


#!/bin/bash
if [ "$#" == "0" ] || [ "$#" == "1" ] # Test if there are not two arguments
then
    echo Please! type at least two numbers.
    exit 1
fi
sumnum=0 # Start from zero, whatever the environment contains
while (( $# ))
do
    echo "You typed as input": $1
    sleep 1
    sumnum=$(($sumnum+$1))
    shift # We scroll
done
echo The sum is: $sumnum


Output of the script:


$ bash sumnumbers.bash 14 15 11 
You typed as input: 14 

You typed as input: 15 

You typed as input: 11 

The sum is: 40 


6.2.8 Shell Functions 


A function can take two formats:


function_name () {
commands
}


Or:


function function_name {
commands
}


Function to display a message:


msg() {
echo "Hello Everyone!"
}


So, in terminal we write:

$ msg() {
> echo "Hello Everyone!"
> }


Or in one line:

$ msg() { echo "Hello Everyone!"; }

Now we call the function:


$ msg
Hello Everyone!


In shell script (sh file):


#!/bin/sh
msg() {
echo "Hello Everyone!"
}

msg


Execute the script:


$ sh function-msg.sh 
Hello Everyone! 


Sum function


Sum of two numbers:


#!/bin/sh
sumnum() {
    c=$((a+b))
    return $c
}
read -p "Enter first number: " a
# -p: prompt output the string PROMPT without a trailing newline before attempting to read
read -p "Enter second number: " b
sumnum
echo "Sum is: $?"


Output of the script: 


$ sh function-sum.sh 
Enter first number: 145 
Enter second number: 25 
Sum is: 170 
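

The sumnum function above and the earlier sumnumbers.bash script both do arithmetic directly on what the user typed, and sumnum hands its result back through $?. That works for 145 + 25, but an exit status is a single byte (0 to 255) in bash, and POSIX leaves larger values unspecified. The following added example, which is not from the book, shows the truncation and a form that validates its input and prints the sum instead; status_byte, is_integer and sum_ints are hypothetical names and the inputs are constructed.

```shell
#!/bin/sh
# Added example: the exit status is for success or failure, not for results.

# status_byte N
# Prints the status the parent sees when a process exits with N; only the
# low 8 bits survive, so 400 arrives as 144.
status_byte() {
    status=0
    ( exit "$1" ) || status=$?
    printf '%s\n' "$status"
}

# is_integer TEXT
# Succeeds only for an optional minus sign followed by decimal digits, with
# no leading zero (the shell would read 010 as octal 8) and at most 15
# characters, so one operand cannot overflow 64-bit arithmetic.
is_integer() {
    [ "${#1}" -le 15 ] || return 1
    case $1 in
        ''|-|*[!0-9-]*|?*-*|0?*|-0*) return 1 ;;
    esac
    return 0
}

# sum_ints N...
# Prints the sum on standard output. The return status only says whether
# every argument was a valid integer.
sum_ints() {
    total=0
    for n in "$@"; do
        if ! is_integer "$n"; then
            printf 'not an integer: %s\n' "$n" >&2
            return 1
        fi
        total=$((total + n))
    done
    printf '%s\n' "$total"
}

# Constructed inputs: the pair from the run above, then a pair whose sum
# does not fit in one byte.
echo "145 + 25  printed: $(sum_ints 145 25)   as a status: $(status_byte 170)"
echo "145 + 255 printed: $(sum_ints 145 255)   as a status: $(status_byte 400)"
sum_ints 14 "1+1" 11 || echo "rejected before any arithmetic was done"
```

A caller captures the result with total=$(sum_ints "$a" "$b") and tests the status only to learn whether the input was accepted.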


6.2.9 Examples of scripts 
1) Read a simple file line by line: 


#!/bin/bash
read -p "Please, give the path of the simple text file: " filename
if test -e "$filename" ;then
    echo "The file exists, and it is as follows: "
    input="$filename" # input="/path/to/text/file"
    while IFS= read -r line # -r : do not allow backslashes to escape any characters
    do
        echo "$line"
    done < "$input"
else
    echo "The file does not exist! "
fi


Output:


$ bash readfile.bash 

Please, give the path of the simple text file: /home/kalikal/file.c 
The file exists, and it is as follows: 

#include <stdio.h> 

int main() { 

/* comment: Program to print the sentence: Hello Reader */ 
printf("Hello Reader\n");

}


The Internal Field Separator (IFS) is set to the empty string (the default) so that
whitespace in each line is preserved. IFS is a special shell variable.


Example of this special variable:
Change the value of $IFS to help us split the string:


$ IFS="+&*"; inputstr="a+b&c*i-p"; for field in ${inputstr}; do echo $field; done
a 

b 

c 

i-p 
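

What the IFS= and -r parts of the read loop in script 1 protect, shown by reading the same file with and without them. This is an added example, not code from the book; make_sample, read_plain and read_exact are hypothetical names and the three-line file is constructed. read_exact also keeps a last line that has no trailing newline, which the loop in script 1 would skip.

```shell
#!/bin/sh
# Added example: what "IFS=" and "-r" protect when reading lines.

# make_sample writes a constructed three-line file and prints its path.
# Line 1 has leading spaces, line 2 contains backslashes, and line 3 has
# no trailing newline.
make_sample() {
    sample=$(mktemp) || return 1
    printf '   indented line\nC:\\temp\\notes\nlast line without newline' > "$sample"
    printf '%s\n' "$sample"
}

# read_plain FILE
# A bare "read": leading whitespace is trimmed, each backslash is consumed
# as an escape character, and an unterminated last line is dropped.
read_plain() {
    while read line; do
        printf '[%s]\n' "$line"
    done < "$1"
}

# read_exact FILE
# The form used in script 1, plus "|| [ -n "$line" ]" so that a final line
# without a newline is still processed.
read_exact() {
    while IFS= read -r line || [ -n "$line" ]; do
        printf '[%s]\n' "$line"
    done < "$1"
}

sample_file=$(make_sample)
echo "bare read:"
read_plain "$sample_file"
echo "IFS= read -r:"
read_exact "$sample_file"
rm -f "$sample_file"
```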

2) Read from shell variable: 


The following script example is to bring the list of all installed packages of something 
on Linux: 


#!/bin/bash
read -p "Please, give the shell variable (exp: python): " var
# "$var" is quoted so that the typed text reaches dpkg as a single pattern
list=$(dpkg --list "$var"\* | awk '/^ii/{print $2}')
printf '%s\n' "$list"


Output: 


$ bash readfromshellvar.bash 

Please, give the shell variable (exp: python): python3 
python3 

python3-acme 

python3-acora 

python3-adblockparser 


3) Finding out the line corresponding to the user number in the “/etc/passwd” file: 


#!/bin/bash
echo "Please write the user number:"
read numuser
if ! [[ "$numuser" =~ ^[0-9]+$ ]]; then
    echo "You have to enter a user number as a parameter (id >= 0)"
elif [ "$numuser" -ge 0 ]; then
    cat /etc/passwd | nawk -F":" -v numuser="$numuser" '{
        if ($3==numuser)
        {
            print "The line corresponding to the user number is: " $0
            flag=1
        }
    }
    END{
        if (flag==0)
            print "The user number does not exist!"
    }'
fi

Output: 


$ bash lineofuserid 

Please write the user number: 

0 

The line corresponding to the user number is: root:x:0:0:root:/root:/bin/bash 


4) Displaying some colors: 


#!/bin/bash 


Red='\033[0;31m' 
Orange='\033[0;33m' 
Purple='\033[0;35m' 
Green='\033[1;32m' 
Blue='\033[0;34m' 
Cyan='\033[0;36m' 
Normal='\033[m' 
White='\033[0;37m' 
BWhite='\033[1;37m' 
Black='\033[0;30m' 
NC='\033[0m' # No color 


echo -e "1---${Red}Red color${NC}---" 

echo -e "2---${Orange}Orange color${NC}---" 
echo -e "3---${Purple}Purple color${NC}---" 
echo -e "4---${Green}Green color${NC}---" 

echo -e "5---${Blue}Blue color${NC}---" 

echo -e "6---${Cyan}Cyan color${NC}---" 

echo -e "7---${Normal}Normal color${NC}---" 
echo -e "8---${White}White color${NC}---" 

echo -e "9---${BWhite}Bold White color${NC}---"
echo -e "10---${Black}Black color${NC}---"


6.3 Python on Linux


Taking a look at Python


Python is an interpreted, procedural, interactive and object-oriented programming
language. It is a portable language, i.e. the same Python program can run on multiple
platforms (Unix/Linux, Windows, Mac) without changes.


Python is used for development in many fields, for instance command automation
on the operating system, web applications and the internet, artificial intelligence,
cybersecurity, and mathematics.


We can get a graphical user interface with Tk using the tkinter package which is a thin 
object-oriented layer on top of Tcl/Tk. 


We have two modes to run Python code: interactive (REPL, “Read-Eval-Print Loop”,
like a shell) and script (usually stored in a file).


6.3.1 Installing Python 
In the following, we will use python3 and the last stable release 3.9.4 for now. 
Find the current python version: 


$ python3 -V 
Python 3.8.3 


We choose to manually download the latest version from the Python website and install
it: https://www.python.org/downloads/


Upgrade the current version 3.8.3 to 3.9.4 (if the new installation does not become the
default):


To configure python3 to use the new installed python 3.9 instead of the current 
(default) 3.8 release, run at first the following two commands: 


($ sudo update-alternatives --install <link> <name> <path> <priority>) 
$ sudo update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.8 1 
$ sudo update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.9 2 


Here, the version 3.9.4 becomes the current one (in the auto mode). 
Finally, you can switch between the versions of python3 that exist on the
system via the following command:


$ sudo update-alternatives --config python3

Test python3 in interactive mode from the shell:
$ python3 


If an error occurs, you may have to fix it by changing the path of python3 to
/usr/local/bin/python3.9 (because the Python interpreter is installed as
/usr/local/bin/python3.9), as follows:


$ sudo update-alternatives --install /usr/local/bin/python3 python3 /usr/local/bin/python3.9 2

And then you can select the path and run python3 with the following commands:
$ sudo update-alternatives --config python3 


$ python3 
Python 3.9.4 (default, Apr 12 2021, 19:37:05)
[GCC 9.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>>


Here, the change has succeeded and we are in the interactive mode.

>>> quit()

This last command allows us to exit the interactive mode and return to the shell.


Note that you may get a system error message such as a bad interpreter (..
/usr/bin/python3: bad interpreter: No such file or directory); to fix it, make a link for
this path as follows:


$ sudo ln -s /usr/local/bin/python3 /usr/bin/python3


You may also have some other system problems, because Linux uses Python3 in
many programs; it is better to keep your python3 version updated systematically, like
updating and upgrading the OS.
6.3.2 Basic operations


Display a message


>>> print("Hello World!") 
Hello World! 


Using format():


>>> print("Hello {0}!".format("World"))
Hello World! 


Other: 
>>> print("-" * 10) 


Read information 


>>> var = input(' Enter your variable: ') 

Enter your variable: The computer is a machine 

>>> print('You have entered as input: ', var) 

You have entered as input: The computer is a machine 


Getting help on the sys and math modules for example: 


>>> import sys 
>>> dir(sys) 


>>> import math 
>>> dir(math) 


Variables

>>> x=25
>>> username="Adam"
>>> text='Hello world!'
>>> filename='mydata/data.csv'


Basic types

>>> x=32 # Integer
>>> y=32.56 # Floating point
>>> nothing=None


Conversions

a=int(x) # convert x to integer and store it in a
b=float(x) # convert x to float and store it in b
c=str(x) # convert x to string and store it in c


Operations on string

>>> w='world' 


>>> len(w) 
5 


>>> w.upper() 
'WORLD'


>>> w.startswith('')
True 


>>> w.startswith('r') 
False 


>>> w.startswith('w') 
True


>>> w.replace('w','W')
'World'


>>> addr='10-10395 street city'


>>> parts=addr.split()
>>> parts
['10-10395', 'street', 'city']


>>> elt=parts[0] 
>>> elt 
'10-10395' 


>>> elt[:-2] 
'10-103' 
>>> elt[:2] 
'10'
>>> elt[:-5] 
'10-' 


>>> parts[0]=elt[:-5]+'10380' 
>>> parts[0] 

'10-10380' 

>>> parts 

['10-10380', 'street', 'city']


>>> ' '.join(parts)
'10-10380 street city'


Switch the value of variables between two variables a, b:


>>> a=5
>>> b=6 


>>> c=a 
>>> a=b 
>>> b=c 


>>> a # print(a) 
6 
>>> b # print(b) 
5 


Declare and display

>>> a=5;b=4


>>> print(a,b)
5 4


Built-in function example: 


>>> sum 
<built-in function sum> 


>>> a=(4,5,8) 


>>> sum(a) 
17 


>>> sum(a,3) 
20 
Relational operators


> < : Less (a<b, i.e. the value of the left operand “a” is less than the value of the right
operand “b”).
> <= : Less or equal.
> > : Greater.
> >= : Greater or equal.
> == : Equal.
> != : Not equal.


Boolean expressions “and, or, not”


>>> a=5
>>> b=7
>>> c=9


Logic and


>>> if b>=a and b<=c:
...     print("b is between a and c")
...
b is between a and c


Logic or, not


>>> if not(b<a or b>c):
...     print("b is still between a and c")
...
b is still between a and c


6.3.3 Compound Data types 
Ranges 


Range is a basic sequence type. The range type represents an immutable sequence of 
numbers. You will find the examples later in Looping. 


Lists


List is a basic sequence data type. Lists are mutable sequences.


Some operations:

>>> names=['Kader', 'Rami', 'Adam']


>>> sorted(names)
['Adam', 'Kader', 'Rami']


>>> len(names) 

3 

>>> names.append('Joseph') 
>>> names 

['Kader', 'Rami', 'Adam', 'Joseph']


>>> names.remove('Kader') 
>>> names 
['Rami', 'Adam', 'Joseph'] 


Slice a list: 
>>> numbers=[23, 54, -6, 0, 4] 


>>> numbers[:2] 
[23, 54] 


>>> numbers[:-2] 
[23, 54, -6] 


>>> numbers[:3] 
[23, 54, -6] 


Tuples 


The tuple is a standard sequence data type. It consists of a number of values 
separated by commas. 


Declare an empty tuple “t_empty”:


>>> t_empty = ()
>>> t_empty
()


Packing the values in a tuple “t”:

>>> t = (2345, 8492.65, -9645, 'hello!')

Or without brackets:


>>> t = 2345, 8492.65, -9645, 'hello!'
>>> len(t) # To return the number of elements in the tuple
4


>>> t[0] # To access the first element
2345

>>> t[3] # To access the fourth element
'hello!'

>>> t
(2345, 8492.65, -9645, 'hello!')


Tuples may be nested:


>>> t1 = t, (1, 2, 3, 4, 5)
>>> t1
((2345, 8492.65, -9645, 'hello!'), (1, 2, 3, 4, 5))
>>> t1[0]
(2345, 8492.65, -9645, 'hello!')
>>> t1[1]
(1, 2, 3, 4, 5)


The content cannot be modified:


>>> t[0]=222 # Tuples are immutable
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
TypeError: 'tuple' object does not support item assignment


Add element to tuple:

>>> t=('4','5','6')
>>> l=list(t)
>>> l.append('7')
>>> t=tuple(l)
>>> print("The element '7' has been added to tuple:",t)
The element '7' has been added to tuple: ('4', '5', '6', '7')
>>> t
('4', '5', '6', '7')

Sets 

A set is an unordered collection with no duplicate elements. 
Create an empty set: 


>>> set() 
set()


>>> not {} # {} creates an empty dictionary
True


Some operations: 


>>> id=set(['1234','4567','1234']) # The value '1234' is duplicated 
>>> id 
{'1234', '4567'} # Duplicates have been removed 


>>> id.add('89') 
>>> id 
{'89', '1234', '4567'} 


>>> id.remove('4567') 
>>> id 
{'89', '1234'}


>>> '4567' in id 
False 

>>> '89' in id 
True


>>> fruits={'banana', 'pear', 'apple', 'mango', 'pear'}
>>> print(fruits)
{'apple', 'banana', 'mango', 'pear'}
>>> 'apple' in fruits
True


>>> a = set('ABRACADABRA')
>>> b = set('ALACAZAM')


>>> len(a)
5
>>> len(b)
5
>>> a # Unique letters in a
{'B', 'R', 'D', 'C', 'A'}
>>> b # Unique letters in b
{'Z', 'L', 'C', 'M', 'A'}


>>> a - b # Letters in a but not in b
{'D', 'B', 'R'}


>>> a | b # Letters in a or b or both
{'B', 'R', 'Z', 'D', 'L', 'C', 'M', 'A'}


>>> a & b # Letters in both a and b
{'C', 'A'}


>>> a ^ b # Letters in a or b but not both
{'L', 'D', 'B', 'R', 'Z', 'M'}


Dictionaries 

Dictionary is a collection of values indexed by keys. 
Create an empty dictionary: 

>>> Dict = {} # Initialize a dictionary 

Some operations on a dictionary:


>>> phone = {'Kader': '+1369', 'Rami': '+1358'}
>>> phone['Rami'] 
'+1358' 


>>> phone['Adam'] = '+1325' 
>>> phone 
{'Kader': '+1369', 'Rami': '+1358', 'Adam': '+1325'} 


>>> del phone['Kader'] 
>>> phone 
{'Rami': '+1358', 'Adam': '+1325'} 


>>> 'Kader' in phone 
False 

>>> 'Rami' in phone 
True 


>>> sorted(phone) 
['Adam', 'Rami']


>>> list(phone) 
['Rami', 'Adam'] 


>>> dic= {'key1':(45, 57, 98), 'key2':(87,65,97)} # Dictionary as lookup tables 


>>> dic['key2'] 
(87, 65, 97) 
6.3.4 Mathematics


Calculating the following equation: y = 2x³ - 5x² + x/2 + 11, where x = 4.


>>> x=4
>>> y=2*4**3-5*4**2+4/2+11
>>> print("The result is :",y)
The result is : 61.0


Calculate the modulo (takes “%” as an operator):
% returns the remainder from a division.


>>> 19%2 # i.e. 19/2 = 9 as integer and the remainder is 1.
1 


Absolute value: 

>>> abs(-9) 

9 

Minimum, maximum and sorting a list of numbers: 
>>> numbers=[23, 54, -6, 0, 4] 


>>> min(numbers) 
-6 

>>> max(numbers) 
54 

>>> sorted(numbers) 
[-6, 0, 4, 23, 54] 


>>> sorted(numbers, reverse=True) 
[54, 23, 4, 0, -6] 


Temperature conversion between degrees Fahrenheit (°F) and Celsius (°C):
From °F to °C:


>>> temp_fahrenheit=77
>>> temp_celsius=(temp_fahrenheit-32)*5/9
>>> print(temp_celsius)
25.0


From °C to °F:

>>> temp = float(input('What is the temperature in Celsius (°C)? ')) # float() only parses a number; eval() would run whatever is typed
What is the temperature in Celsius (°C)? 25
>>> print('In Fahrenheit (°F) is ' , 9/5*temp+32)
In Fahrenheit (°F) is 77.0


The math module gives access to the underlying C library functions for floating point 
math: 


>>> import math 


>>> math.sqrt(2) # Return the square root of any number x=2, (x>=0) 
1.4142135623730951 


>>> math.factorial(4) 
24


>>> math.pi # π
3.141592653589793 


>>> math.log(1024, 2) 
10.0 


>>> math.sin(2) # Return the sine of x=2 radians 
0.9092974268256817 


>>> math.cos(2) # Return the cosine of x=2 radians 
-0.4161468365471424 


>>> math.tan(5) # Return the tangent of x=5 radians 
-3.380515006246586


>>> math.atan(5) # Return the arc tangent of x=5, in radians. The result is between -pi/2 and pi/2
1.373400766945016

The random module provides tools for making random selections:


>>> import random


>>> random.choice(['car', 'train', 'boat'])
'train'


>>> random.sample(range(100), 10) 
[7, 24, 33, 34, 50, 0, 43, 72, 13, 6] 


Using the randint function from the random module to return a random integer:

>>> from random import randint

>>> x = randint(1,100) 

>>> print(' The random number between 1 and 100 is: ', x) 
The random number between 1 and 100 is: 46 


The statistics module calculates basic statistical properties (like mean, median,
variance) of numeric data:


>>> import statistics
>>> data = [1, 2, 8, 4.5]


>>> statistics.mean(data) 
3.875 


>>> statistics.median(data) 
3.25 


>>> statistics.variance(data) 
9.729166666666666 


Graphs

Download and install the library (module) “matplotlib” to help drawing graphs:

$ pip3 install -U matplotlib

This command will also download and install others like the “numpy” module.


Pie chart

>>> import pylab


>>> pylab.pie([10,30,60])
([<matplotlib.patches.Wedge object at 0x7fa60917a130>, <matplotlib.patches.Wedge object at
0x7fa6091863a0>, <matplotlib.patches.Wedge object at 0x7fa609186a30>],
[Text(1.0461621663333946, 0.3399186987098808, ''), Text(-5.149471629032507e-08,
1.0999999999999988, ''), Text(-0.33991852729952715, -1.04616222202798, '')])


>>> pylab.show()

If it hasn’t worked, simply run:

>>> pylab.savefig("mygraph.png")


You will find your graph in an image file “mygraph.png” saved in the current working
directory.
Another example with more information and illustration:

>>> import matplotlib.pyplot as plt
>>> risk = ['low','medium','high']
>>> colr = ['y','g','r']
>>> plt.pie([10,30,60], labels=risk, colors=colr, startangle=90, shadow=True, explode=(0,0,0.05), autopct='%1.1f%%')
([<matplotlib.patches.Wedge object at 0x7f841ccc7220>, <matplotlib.patches.Wedge object at
0x7f841ccc7280>, <matplotlib.patches.Wedge object at 0x7f841c9e8220>],
[Text(-0.3399186987098806, 1.0461621663333949, 'low'), Text(-1.0999999999999988,
-5.149471622296949e-08, 'medium'), Text(1.093715050301979, -0.3553693694495057, 'high')],
[Text(-0.18541019929629848, 0.5706339089091244, '10.0%'), Text(-0.5999999999999993,
-2.808802703071063e-08, '30.0%'), Text(0.6181867675619882, -0.2008609479497206,
'60.0%')])


>>> plt.title('Risk pie chart')
Text(0.5, 1.0, 'Risk pie chart')


>>> plt.savefig("mygraph.png")

Output's graph:

[Figure: pie chart titled “Risk pie chart” with the slices low, medium and high]
Bar Graph

>>> from matplotlib import pyplot as plt


>>> plt.bar([0.25,1.25,2.25,3.25,4.25,5.25,6.25], [50,40,70,65,20,35,20],label="A",color='r',width=.5)
<BarContainer object of 7 artists>

>>> plt.bar([.75,1.75,2.75,3.75,4.75,5.75,6.75], [70,25,20,30,60,35,25],label="B",color='g',width=.5)
<BarContainer object of 7 artists>


>>> plt.legend()
<matplotlib.legend.Legend object at 0x7f6d39059fa0>


>>> plt.xlabel('Unit1')
Text(0.5, 0, 'Unit1')

>>> plt.ylabel('Unit2')
Text(0, 0.5, 'Unit2')

>>> plt.title('Bar graph')
Text(0.5, 1.0, 'Bar graph')

>>> plt.savefig("mygraph.png")

Output's graph:

[Figure: bar graph titled “Bar graph”]
Curve graph

1.

>>> import matplotlib.pyplot as plt


>>> x = [1,2,3]
>>> y = [2,4,6]


>>> plt.plot(x, y) # plt.plot([1,2,3], [2,4,6])
[<matplotlib.lines.Line2D object at 0x7f3ffdbc6d60>]


>>> plt.show()

If it hasn’t worked, simply run:

>>> plt.savefig("mygraph.png")


To fill out some directive information on the graph like the axes (X “abscissa”, Y
“ordinate”), type:


>>> plt.title('Information')
Text(0.5, 1.0, 'Information')


>>> plt.xlabel('X abscissa')
Text(0.5, 23.52222222222222, 'X abscissa')
>>> plt.ylabel('Y ordinate')
Text(42.722222222222214, 0.5, 'Y ordinate')


>>> plt.savefig("mygraph.png")

Same graph using also the “numpy” library:


>>> import matplotlib.pyplot as plt 
>>> import numpy as np 


>>> x=np.array([1,2,3]) 
>>> y=np.array([2,4,6]) 


>>> plt.plot(x,y) 
[<matplotlib.lines.Line2D object at 0x7f15cc927550> ] 


>>> plt.savefig("mygraph.png") 
2. 


>>> import matplotlib.pyplot as plt
>>> import numpy as np


>>> x=np.linspace(0,2*np.pi,30) 
>>> y=np.cos(x) 


>>> plt.plot(x,y) 
[<matplotlib.lines.Line2D object at 0x7f7fda949d30> ] 


>>> plt.savefig("mygraph.png") 
To see the value of x (or y), type:


>>> x
array([0.        , 0.21666156, 0.43332312, 0.64998469, 0.86664625, ..., 6.28318531])


3. 


>>> import matplotlib.pyplot as plt 
>>> import numpy as np 


>>> c = np.arange(0.0, 5.0, 0.02) 


>>> plt.plot(c, np.cos(2*np.pi*c)) 
[<matplotlib.lines.Line2D object at 0x7f44657b0730> ] 


>>> plt.savefig("mygraph.png") 
The output's graph:
Matrix


A matrix is an array with a two-dimensional data structure, with a row “i” and a column “j”:
matrix(i,j) (matrix[i][j]).


1. Using a list:
>>> matrix=[[1,2,3],[4,5,6]] # 2x3 (two rows and three columns) 


>>> matrix[0] 
[1, 2, 3] 
>>> matrix[1] 
[4, 5, 6] 


>>> matrix[0][0] # matrix[i][j]
1

>>> matrix[0][1]
2

>>> matrix[1][2]
6


Flatten a matrix (list): 
>>> matrix=[[1,2,3],[4,5,6]] 


>>> table=[num for elem in matrix for num in elem] 
>>> table 
[1, 2, 3, 4, 5, 6]


2. Using a numpy module: 
>>> from numpy import * 
>>> matrix=array([[1,2,3],[4,5,6]]) 


>>> matrix[0] 
array([1, 2, 3]) 
>>> matrix[1] 
array([4, 5, 6]) 


>>> matrix[0][0] 
1 
>>> matrix[0][1]
2


>>> matrix[:2, :2] # Two rows, two columns
array([[1, 2],
       [4, 5]])


>>> matrix[:1] # One row 
array([[1, 2, 3]]) 


>>> matrix.shape # Gives (number of rows, number of columns) 
(2, 3) 
>>> matrix.dtype 


dtype('int64')


6.3.5 System shell commands 


>>> import os 


>>> type(os) # Show the type of os after importing it
<class 'module'>


>>> os.mkdir('newfolder') # Create a directory


>>> os.getcwd() # Get the current working directory
'/home/kalikal/workspace'


>>> os.path.abspath('test.txt') # Returns the absolute pathname of the path passed as a parameter
'/home/kalikal/workspace/test.txt'


>>> os.path.exists('test.txt')
False


>>> os.path.isdir('test.txt')
False


>>> os.path.isfile('test.txt')
False


>>> os.path.isdir('newfolder')
True 


>>> cmd='touch test.txt' 
>>> os.system(cmd) 
0 


>>> os.path.isfile('test.txt')
True


>>> cmd='ls' 

>>> os.system(cmd) 
newfolder test.txt 

0 


>>> os.listdir(os.getcwd()) 
['newfolder', 'test.txt'] 


>>> os.makedirs('newD0/newD1/newD2') # Create directories recursively


>>> os.chdir('/tmp') # Change directory
>>> os.getcwd()
'/tmp'


>>> os.chdir('/home/kalikal/workspace')
>>> os.rename('test.txt', 'test1.txt')

>>> os.remove('test1.txt')

>>> os.rmdir('newfolder')


>>> os.path.expanduser('~')
'/home/kalikal'


>>> os.environ['HOME']
'/home/kalikal'

>>> os.environ['USER'] 
'kalikal' 


>>> print ("Getting the status of a file python3:",os.stat("/usr/local/bin/python3")) 
Getting the status of a file python3: os.stat_result(st_mode=33261, st_ino=3283821, 
st_dev=65025, st_nlink=1, st_uid=0, st_gid=0, st_size=21938024, st_atime=1620316076, 
st_mtime=1618272173, st_ctime=1618272173) 


>>> os.getpid() 
69286 

>>> os.getuid() 
1000 

>>> os.getgid()
1000


>>> path = 'test.txt' 
>>> os.access(path, os.R_OK) # Check read permission (write: os.W_OK, exec: os.X_OK) 
True 
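
The os.system(cmd) calls above hand the whole command string to the shell. The following added example (not from the book; the file name is a constructed sample and the function names are hypothetical) runs the same "touch" operation four ways and shows what each one creates when the file name is not a fixed literal:

```python
import os
import shlex
import subprocess
import tempfile

# Constructed sample: a file name that contains shell metacharacters.
SAMPLE_NAME = "report.txt; touch INJECTED"


def touch_shell_string(name, cwd):
    """Same pattern as os.system('touch ' + name): /bin/sh parses the whole string."""
    return subprocess.run("touch " + name, shell=True, cwd=cwd).returncode


def touch_shell_quoted(name, cwd):
    """Still goes through the shell, but shlex.quote() turns the name into one word."""
    return subprocess.run("touch -- " + shlex.quote(name), shell=True, cwd=cwd).returncode


def touch_argv(name, cwd):
    """No shell: the name is exactly one argv element; '--' ends option parsing."""
    return subprocess.run(["touch", "--", name], cwd=cwd).returncode


def touch_no_process(name, cwd):
    """No child process at all: create the file or update its timestamp with os calls."""
    path = os.path.join(cwd, name)
    with open(path, "a"):
        os.utime(path, None)
    return 0


def compare(name=SAMPLE_NAME):
    """Run each variant in its own empty temporary directory and list what it created."""
    variants = {
        "shell_string": touch_shell_string,
        "shell_quoted": touch_shell_quoted,
        "argv": touch_argv,
        "no_process": touch_no_process,
    }
    created = {}
    for label, func in variants.items():
        with tempfile.TemporaryDirectory() as workdir:
            func(name, workdir)
            created[label] = sorted(os.listdir(workdir))
    return created


if __name__ == "__main__":
    for label, files in compare().items():
        print(f"{label:13} -> {files}")
```

Only the first variant splits the name at ";" and runs a second command; the other three create a single file whose name is the full string.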


6.3.6 Control Structures 
Conditional statements “if, else, elif” 


>>> a=5
>>> b=7


if:
>>> if a<b:
        print("true")
true
if, else:
Use else (like “otherwise”) to handle, in this example, the opposite condition “a>=b”:


>>> if a<b:
        print("true")
    else:
        print("false")


true
if, elif, else:
elif is simply “else if”.


>>> if a<b:
        print("true")
    elif a>b:
        print("false")
    else:
        print("true")


true
Looping statements “while, for”
while:
>>> i=15


>>> while i>10:
        print('decrementing..',i)
        i=i-1 # i-=1


decrementing.. 15 
decrementing.. 14 
decrementing.. 13 
decrementing.. 12 
decrementing.. 11 


for: 


>>> for i in range(5):
        print(i)


0
1
2
3
4


>>> for i in range(5):
        print(i,end=' ')


0 1 2 3 4


>>> for i in range(5,10):
        print(i)


5
6
7
8
9


>>> for i in range(5,10,2):
        print(i)
5
7
9


In the instruction above, the arguments of the function correspond to the form range(start, stop,
step). The function range() supports only integers.


For reverse looping, use reversed(range(5,10,2)) in the for statement instead of
range(5,10,2).


>>> fruits=['banana', 'pear', 'apple', 'mango']
>>> for fruit in fruits:
        print(fruit)
banana
pear
apple
mango


For sorted-order looping, use sorted(fruits) in the for statement instead of fruits.
Retrieving the position index and corresponding value:


>>> for i, v in enumerate(['zero', 'one', 'two']):
        print(i, v)


0 zero
1 one
2 two


Pairing the entries for two (or more) sequences:


>>> questions = ['name', 'profession']
>>> answers = ['Adam', 'Engineer']


>>> for q, a in zip(questions, answers):
        print('What is your {0}? I am an {1}.'.format(q, a))


What is your name? I am Adam.
What is your profession? I am an Engineer.
6.3.7 Dates and times


Current date and time: 
>>> from datetime import datetime 


>>> now = datetime.now() 
>>> now 
datetime.datetime(2021, 4, 26, 14, 9, 33, 453878) 


>>> t = now.strftime("%H:%M:%S")
>>> t
'14:09:33'
>>> d = now.strftime("%m/%d/%Y")
>>> d
'04/26/2021'


>>> dt = now.strftime("%d/%m/%Y, %H:%M:%S")
>>> dt
'26/04/2021, 14:09:33'
>>> from datetime import date 


>>> now = date.today() 
>>> now 
datetime.date(2021, 4, 26) 


>>> now.strftime("%m-%d-%y. %A, %d %B %Y")
'04-26-21. Monday, 26 April 2021' 


Age in days: 


>>> birthday = date(1985, 10, 30) 
>>> age = now - birthday

>>> age.days 

12962 


Representing time with a Time object: 
>>> from datetime import time 

>>> t = time()
>>> t
datetime.time(0, 0)


>>> t1 = time(10, 25, 55)
>>> t1
datetime.time(10, 25, 55)

>>> t1_1 = time(hour = 10, minute = 25, second = 55)
>>> t1_1
datetime.time(10, 25, 55)


>>> t2 = time(10, 25, 55, 223556)
>>> t2
datetime.time(10, 25, 55, 223556)


6.3.8 Files 


Opening a file and doing some operations: 
Writing lines into a file (“\n” for a new line): 


>>> f=open("student.txt","w")

>>> f.write('ID: Name: Field:\n0001 Kader IT\n0002 Sami Mechanics\n0003 Meriam Medicine\n0004 Adam IT\n')

117

>>> f.close()


Or with:


>>> f=open("student.txt","w")

>>> line= ['ID: Name: Field:\n0001 Kader IT\n0002 Sami Mechanics\n0003 Meriam Medicine\n0004 Adam IT\n']

>>> f.writelines(line)

>>> f.close()


Reading:


>>> f=open("student.txt","r")

>>> data=f.read()

>>> data

'ID: Name: Field:\n0001 Kader IT\n0002 Sami Mechanics\n0003 Meriam Medicine\n0004 Adam IT\n'

>>> f.close()


Reading a file line at a time:


>>> f=open("student.txt","r") # Reopen the file, since it was closed above
>>> for line in f:
        print(line.strip())


ID: Name: Field:
0001 Kader IT
0002 Sami Mechanics
0003 Meriam Medicine
0004 Adam IT

>>> f.close()


Append a line to file: 


>>> f=open("student.txt","a") 

>>> f.write("0005 Ibraham Mathematics\n")
29

>>> f.close()


Or using the “with open” statement:


>>> with open("student.txt", "a") as f:
        f.write("0005 Ibraham Mathematics\n")


29
We don’t need to close the file because it is closed automatically. To check this, type:


>>> f.closed
True


Delete a specific line: 

>>> f=open("student.txt","r") 
>>> lines=f.readlines() 

>>> f.close()

>>> lines


['ID: Name: Field:\n', '0001 Kader IT\n', '0002 Sami Mechanics\n', '0003 Meriam Medicine\n', '0004 Adam IT\n', '0005 Ibraham Mathematics\n']


>>> del lines[2]
>>> lines


['ID: Name: Field:\n', '0001 Kader IT\n', '0003 Meriam Medicine\n', '0004 Adam IT\n', '0005 Ibraham Mathematics\n']


Continue with the following to save the modification:
>>> new_f = open("student.txt", "w+")
>>> for line in lines:
        new_f.write(line)
24
20
26
20
29
>>> new_f.close()


Parsing csv data 
Read the data from the csv file: 
>>> import csv 


>>> with open('Personnel.csv', newline='') as csvfile:
        r = csv.reader(csvfile)
        for row in r:
            print(', '.join(row))


Name, Age, Job 
Adam, 25, Mathematician 
Sara, 18, Translator 


Read line by line: 


>>> f = open('Personnel.csv') 
>>> r= csv.DictReader(f) 
>>> next(r) 
{'Name': 'Adam', 'Age': '25', 'Job': 'Mathematician'} 
>>> next(r) 
{'Name': 'Sara', 'Age': '18', 'Job': 'Translator'}
>>> next(r) # We have only two record lines
Traceback (most recent call last): 
File "<stdin>", line 1, in <module> 
File "/usr/local/lib/python3.9/csv.py", line 111, in __next__ 
row = next(self.reader) 
StopIteration 


Or with: 


>>> with open('Personnel.csv', newline='') as csvfile:
        r = csv.DictReader(csvfile)
        next(r)


{'Name': 'Adam', 'Age': '25', 'Job': 'Mathematician'}
Read with the selection:


>>> with open('Personnel.csv', newline='') as csvfile:
        r = csv.DictReader(csvfile)
        for row in r:
            print(row['Name'], row['Job']) # print(row): print the whole line


Adam Mathematician
Sara Translator


Search of a record:


>>> with open('Personnel.csv', newline='') as csvfile:
        r = csv.DictReader(csvfile)
        for row in r:
            if row['Name']=='Sara':
                print(row) # print(row['Job']): search for her job


{'Name': 'Sara', 'Age': '18', 'Job': 'Translator'}
Write records into the csv file:


>>> with open('Personnel.csv', 'w', newline='') as csvfile:
        wr = csv.writer(csvfile)
        wr.writerow(['Name', 'Age', 'Job'])
        wr.writerow(['Adam', '25', 'Mathematician'])
        wr.writerow(['Sara', '18', 'Translator'])


Or with:


>>> with open('Personnel.csv', 'w', newline='') as csvfile:
        fieldnames = ['Name', 'Age', 'Job']
        wr = csv.DictWriter(csvfile, fieldnames=fieldnames)
        wr.writeheader()
        wr.writerow({'Name': 'Adam', 'Age':'25', 'Job': 'Mathematician'})
        wr.writerow({'Name': 'Sara', 'Age':'18', 'Job': 'Translator'})
Append a record line:


>>> with open('Personnel.csv', 'a', newline='') as csvfile:
        fieldnames = ['Name', 'Age', 'Job']
        ap = csv.DictWriter(csvfile, fieldnames=fieldnames)
        ap.writerow({'Name': 'Yahia', 'Age':28, 'Job': 'Computer Engineer'})


6.3.9 Internet access 
1. Opening a web site: 


>>> import webbrowser 


>>> webbrowser.open("https://www.shareforshow.com")
2. Retrieving data from URLs:


>>> from urllib.request import urlopen
Reading the web code:


>>> with urlopen('https://www.shareforshow.com') as response:
        for line in response:
            line = line.decode('utf-8') # Decoding the binary data to text.
            print(line)


<!DOCTYPE HTML>


Looking for email addresses:


>>> with urlopen('https://www.shareforshow.com/contact/') as response:
        for line in response:
            line = line.decode('utf-8')
            if '@shareforshow.com' in line or '@' in line:
                print(line)


<br><br><p>Or send us an email to <a href="mailto:postmaster@shareforshow.com" target="_top">postmaster@shareforshow.com</a>
To develop web applications, use frameworks like Django, Flask, and Lino-framework.


6.3.10 Functions and modules 


Defining a function to return the value of an area A = l * w


>>> def A(l, w):
        return l * w


>>> A(5,9) 
45 


Using a function in a Python program to display a hello message. For that, we will create
a “hello.py” file:


#!/usr/local/bin/python3
def hel(name):
    print("Hello {0}!".format(name)) # print('Hello %s!'% name)


Now, in the interactive mode, we will demonstrate how to use the module hello and its
function hel:
$ python3


>>> import hello
>>> hello.hel('Adam')
Hello Adam!


Or with:


>>> from hello import hel
>>> hel('Adam')
Hello Adam!


Range of float numbers
The function range() supports only integers; the program “float-range.py” solves this problem:


#!/usr/local/bin/python3
def frange(start, stop, step):
    i = start
    while i < stop:
        yield i
        i = i + step


for i in frange(0.5, 1.0, 0.1):
    print(i)


Running the program: 


$ python3 float-range.py 
0.5 

0.6 

0.7 
0.7999999999999999 
0.8999999999999999 
0.9999999999999999 


You can execute it also as follows: 
$ chmod +x float-range.py 
$ ./float-range.py 


Notice that we placed the shebang line “#!/usr/local/bin/python3” at the head of the script;
it defines where our interpreter is located (depending on where python3 is installed, it is
usually “#!/usr/bin/python3”). The Python script runs without the shebang if you use the
first method (python3 float-range.py). With the second method (after setting
chmod +x float-range.py, run it with: ./float-range.py), it will be executed only if the
shebang is defined, because otherwise the operating system does not know it's a Python script.


A Python3 script is portable with “#!/usr/bin/env python3”, in which the env command is
used to find the path to the python3 executable. With the type command you can check
all the available locations of the env command:


$ type -a env 
env is /usr/bin/env 
env is /bin/env 
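
The output of float-range.py above contains six values, because the rounding error of the repeated additions leaves the last one just below 1.0. The following added example (not from the book; the name frange_exact is hypothetical) keeps the book's loop for comparison and computes the same range in exact decimal arithmetic, rejecting a step that would never reach the stop value:

```python
import math
from decimal import Decimal


def frange_float(start, stop, step):
    """The accumulation loop of float-range.py, kept here for comparison."""
    i = start
    while i < stop:
        yield i
        i = i + step


def frange_exact(start, stop, step):
    """Same range, but each value is start + n*step in exact decimal arithmetic.

    Arguments are validated first: with step <= 0 the loop above never ends,
    and NaN or infinite values have no sensible range.
    """
    if not all(math.isfinite(v) for v in (start, stop, step)):
        raise ValueError("start, stop and step must be finite numbers")
    if step <= 0:
        raise ValueError("step must be positive")
    # str() gives the shortest decimal text of each float, e.g. 0.1 -> '0.1'
    d_start, d_stop, d_step = (Decimal(str(v)) for v in (start, stop, step))
    n = 0
    while True:
        value = d_start + n * d_step   # no error carried over from earlier terms
        if value >= d_stop:
            break
        yield float(value)
        n += 1


def compare(start=0.5, stop=1.0, step=0.1):
    """Return (values from the float loop, values from the exact version)."""
    return list(frange_float(start, stop, step)), list(frange_exact(start, stop, step))


if __name__ == "__main__":
    naive, exact = compare()
    print("float loop:", naive)
    print("exact     :", exact)
```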
6.3.11 Arguments *args,**kwargs


*args lets your function accept an arbitrary number of inputs.


Before going directly to the *args example, we will illustrate the concept with the following,
to understand it better:


Sum of two numbers:


>>> def sum2num(a,b):
        return a+b


>>> sum2num(5,5) # print(sum2num(5,5))
10


Sum of three numbers:


>>> def sum3num(a,b,c):
        return a+b+c


>>> sum3num(5,6,7)
18


Now, to add any number of values, we will use *args as a parameter:


>>> def adder(*args):
        r=0
        for arg in args:
            r+=arg
        return r


>>> adder() 

0 

>>> adder(4) 

4 

>>> adder(5,6,8,10) 
29 


**kwargs, in turn, lets your function accept an arbitrary number of keyword inputs, which
are accessed through a dictionary.


We will demonstrate the concept in the same way as we did for *args:
>>> def info(name,age):
        print(f'{name} is {age} years old')
>>> info('Adam',25)
Adam is 25 years old


>>> def info(name1,age1,name2,age2):
        print(f'{name1} is {age1} years old')
        print(f'{name2} is {age2} years old')


>>> info('Adam',25, 'Joseph',28)
Adam is 25 years old
Joseph is 28 years old


Now, using **kwargs:


>>> def info(**kwargs):
        for a,b in kwargs.items():
            print(f'{a} is {b} years old')


>>> info(Adam=25,Joseph=28)
Adam is 25 years old
Joseph is 28 years old

>>> info(Adam=25,Joseph=28, Sara=18)
Adam is 25 years old
Joseph is 28 years old
Sara is 18 years old

>>> info()


6.3.12 Factorial and Tower of Hanoi problems 


Factorial problem 
The factorial of a number n (n!):
> n is a positive integer.
> n! = n x (n-1) x (n-2) x .. x 0!.
> And 0! = 1.
Exp: 5! = ?
5! = 5x4x3x2x1x0! = 5x4x3x2x1x1 = 120


1. Using a recursive function to solve the problem (program file: “factorial.py”):
#!/usr/local/bin/python3
def fact(n):
    if n==0: # Stop condition
        return 1 # The function fact stores 1, fact(0)=1
    else: return n * fact(n-1)
# int() is used below instead: eval() would execute whatever expression the user types
#f=eval(input('Enter a number: '))


try:
    x=input('Enter a number: ')
    f=int(x)
    print('n! =',fact(f))
except: # A negative n never reaches the stop condition; the RecursionError is caught here
    print("The number should to be positive integer")
Output:
Output: 


$ python3 factorial.py 
Enter a number: 5 
n! = 120 


$ python3 factorial.py 
Enter a number: -9 
The number should to be positive integer 


Note that to catch and handle exceptions, we used the try and except block. We can 
simply use the following format to pass without printing the error message: 


try:
    {code}
except:
    pass


2. Using an iterative function: 


#!/usr/local/bin/python3
def fact_iter(n):
    fact = 1
    for i in range(2,n+1):
        fact = fact * i # fact *= i
    return fact
try:
    x=input('Enter a number: ')
    f=int(x)
    if f>=0:
        print('n! =',fact_iter(f))
    else:
        print("The number should to be positive integer")
except:
    print("The number should to be positive integer")


Towers of Hanoi problem 


The goal is to move all the disks, which have different sizes, from one rod to another, using
three rods and following certain conditions: only one disk is moved at a time, by taking the
upper disk from one of the stacks and placing it on top of another stack, and placing a large
disk on a small one is not possible.


The problem becomes complicated from 3 disks (n = 3); the following steps explain how
to proceed:


[Figure: rods A, B and C, shown in the initial state and after each of Step 1 to Step 7]


That illustrates 7 moves (7 steps) for 3 disks, i.e. 2^3 - 1 = 7 => 2^n - 1 moves to solve
the Towers of Hanoi for n disks.


We will use a recursive function to solve this problem:
#!/usr/local/bin/python3


def hanoi(n, source, destination, helper):
    if n==1: # Stop condition
        print("Move disk 1 from source",source,"to destination",destination)
        return
    hanoi(n-1, source, helper, destination)
    print("Move disk",n,"from source",source,"to destination",destination)
    hanoi(n-1, helper, destination, source)


n = 3 # Number of disks
hanoi(n,'A','B','C') # A, B, C are the names of the rods


Output: 


Move disk 1 from source A to destination B 
Move disk 2 from source A to destination C 
Move disk 1 from source B to destination C 
Move disk 3 from source A to destination B 
Move disk 1 from source C to destination A 
Move disk 2 from source C to destination B 
Move disk 1 from source A to destination B 


6.3.13 Some programs 
1) Sum of a table (list of numbers): 


#!/usr/local/bin/python3
a=[0,2,8,15]
sumnum=0

for i in a:
    sumnum=sumnum+i

print(sumnum)


Output: 
25 
2) Sorting a table (list of numbers): 


#!/usr/local/bin/python3


l = [10,3,4,2,8,6,1,7,9,5]
for i in range(0, len(l)):
    index = i
    for j in range(i+1,len(l)):
        if l[j] < l[index]:
            index = j
    tmp = l[i]
    l[i] = l[index]
    l[index] = tmp
print(l)


Output:

[1, 2, 3, 4, 5, 6, 7, 8, 9, 10]

3) Extract all existing links ending with a "/wiki/*" path from the web page
“https://en.wikipedia.org/wiki/John_von_Neumann":

Install the library “bs4”: 


$ pip3 install -U bs4 
The program “webscraping.py”:
#!/usr/local/bin/python3


from urllib.request import urlopen
from bs4 import BeautifulSoup
import re
html = urlopen("https://en.wikipedia.org/wiki/John_von_Neumann")
bsObj = BeautifulSoup(html, "html.parser")
for link in bsObj.find("div", {"id":"bodyContent"}).findAll("a", href=re.compile("^(/wiki/)((?!:).)*$")):
    if 'href' in link.attrs:
        print(link.attrs['href'])


Output: 


/wiki/Personal_name 
/wiki/Personal_name#Western_name_order 
/wiki/Budapest 


4) An algorithm that finds the first biggest phrase (the one with the maximum number of words,
counted through the empty words, “the spaces”) in a paragraph, where a phrase ends with “.”
(here just one dot), “!”, or “?”. It also gives features such as the number of words, the index of
phrases with the same number of words in the text, and the other phrases with the
same number of words. Our text will finish with “#”.


#!/usr/local/bin/python3


a='Hey there! How are you? Fine..thanks. You? I am great. Thanks.#'


def solution(a):
    k=0
    b=[]
    b2=[]
    c=a.replace('..','$$') # Hide the double dots so they do not end a phrase
    for i in range(len(c)):
        x=c[i]
        if (x=='!') or (x=='?') or (x=='.'):
            b1=c[k:i]
            b.append(b1)
            if k<=len(c):
                if (c[i+1]!=' '):
                    k=i+1
                elif (c[i+1]==' '):
                    k=i+2


    for i in b:
        x1=i.replace('$$','..')
        b2.append(x1)

    print('The divided phrases are:',b2)


    index2=[]
    max = 0
    for i1 in range(len(b2)):
        t=b2[i1]
        num=0
        for j in range(len(t)):
            if t[j]==' ':
                num=num+1

        if max<num:
            max=num
            index=i1
            index2=[] # A new maximum: forget the phrases that tied with the old one
        elif max==num:
            max=num
            index2.append(i1)
        elif max>num:
            max=max
    for m in index2:
        print('The next phrase with the same words number:',b2[m])
    print('(Words number:,','The first biggest phrase:,','Phrases index with same words number:)')
    return max+1,b2[index],index2


print(solution(a))
Output: 


The divided phrases are: ['Hey there', 'How are you', 'Fine..thanks', 'You', 'I am great', 'Thanks']
The next phrase with the same words number: I am great
(Words number:, The first biggest phrase:, Phrases index with same words number:)
(3, 'How are you', [4])


6.3.14 Function decorators 


A decorator is a function that wraps or takes another function, thus modifying its behavior
but not its structure.


>>> # Here’s the decorator’s implementation:
>>> def mydecorator(f):
        def wrapper(): # Local function that calls the original function
            print('Inside before calling the function')
            f() # Calls the printname() function
            print('Inside after calling the function')
        return wrapper


>>> # Here’s a function decorated with the @mydecorator decorator
>>> @mydecorator # Function decorated
    def printname():
        print('Adam')


>>> # Output:

>>> print(printname())

Inside before calling the function
Adam

Inside after calling the function
None
Same example, using the arguments (*args,**kwargs): (program name: “decorate1.py”)


def mydecorator(f):
    def wrapper(*args,**kwargs):
        print('Inside before calling the function')
        f(*args,**kwargs)
        print('Inside after calling the function')
    return wrapper


@mydecorator
def printname(name):
    print(name)


print(printname('Adam'))
Output: 


$ python3 decorate1.py 

Inside before calling the function 
Adam 

Inside after calling the function 
None 


Another instance, a decorator with argument: (program name: “decorate2.py”) 


def mydecoratorgeneral(msg='Message'):
    def mydecorator(f):
        def wrapper(*args, **kwargs):
            print('The message is: ' +msg)
            print('Inside before calling the function')
            f(*args,**kwargs)
            print('Inside after calling the function')
        return wrapper
    return mydecorator


@mydecoratorgeneral(msg='Hello')
def printname(name):
    print(name)


print(printname('Adam'))
Output: 


The message is: Hello
Inside before calling the function
Adam 

Inside after calling the function 
None 
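
Each run above ends with "None" because the wrapper does not return the result of the decorated function. The following added example (not from the book; the names audited and AUDIT_LOG and the token parameter are hypothetical) is a decorator with arguments that records every call, masks selected keyword arguments in the record, and passes the return value, exceptions, name and docstring of the decorated function through unchanged:

```python
import functools


def audited(log, redact=()):
    """Decorator factory: append one record per call to `log`.

    Keyword arguments whose names are listed in `redact` are masked in the record.
    """
    def decorator(f):
        @functools.wraps(f)  # keep f.__name__ and f.__doc__ on the wrapper
        def wrapper(*args, **kwargs):
            shown = {k: ("***" if k in redact else v) for k, v in kwargs.items()}
            entry = {"func": f.__name__, "args": args, "kwargs": shown}
            log.append(entry)
            try:
                result = f(*args, **kwargs)
            except Exception as exc:
                entry["outcome"] = "raised " + type(exc).__name__
                raise  # the caller still sees the original exception
            entry["outcome"] = "returned"
            return result  # pass the value through instead of dropping it
        return wrapper
    return decorator


AUDIT_LOG = []


@audited(AUDIT_LOG, redact=("token",))
def printname(name, token=""):
    """Constructed sample: returns the greeting instead of printing it."""
    if not name:
        raise ValueError("name is required")
    return "Hello " + name


if __name__ == "__main__":
    print(printname("Adam", token="s3cret"))
    print(printname.__name__, "-", printname.__doc__)
    print(AUDIT_LOG)
```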


6.3.15 Object oriented 


In Python, almost everything is an object. A class is used to collect together data
(properties) and functionality (methods). It is considered to be like an object constructor
or a blueprint to create an object.


Python provides many reserved special functions (methods) in classes to customize
objects, such as: __new__, __init__, __del__, __str__.


__init__ allows the class to initialize the state information or data which the instances of a
class usually store. It is known as a constructor.


The keyword self is used to represent the instance of a class. By using it, we can 
access the attributes and methods of the class. It binds the attributes with the given 
arguments. 


Simple Class 


>>> class MyClass:
        # Attributes (used as Object’s properties)
        """A simple example class""" # = __doc__ attribute
        i = 9530

        # Function (used as Object’s method)
        def f(self):
            return 'Hello World'


>>> obj=MyClass() # Create a new instance of the class and assign this object to the local variable obj

>>> obj
<__main__.MyClass object at 0x7faa89b78e80>

>>> obj.f
<bound method MyClass.f of <__main__.MyClass object at 0x7faa89b78e80>>
>>> obj.i # MyClass.i
9530

>>> obj.f() # MyClass().f()
'Hello World'

>>> obj.__doc__ # MyClass.__doc__
'A simple example class'

>>> # Change the attribute references: obj.i, obj.f, obj.__doc__
>>> obj.i=100
>>> obj.i
100

>>> obj.f='Hello Everyone'
>>> obj.f
'Hello Everyone'

>>> obj.__doc__="""Description"""
>>> obj.__doc__
'Description'


Empty class definition 


>>> class Student:
        pass


>>> student1=Student() # Create an empty student record


>>> # Fill the fields of the record
>>> student1.name='Adam'
>>> student1.field='Informatics'


>>> # Printing the values
>>> student1
<__main__.Student object at 0x7faa89b86430> 


>>> student1.name 
'Adam' 


Using built-in __init__() function
1.


>>> class Friend:
        def __init__(self):
            print("Hello Friends!")

        def get_energy(self):
            return "Give me orange juice!"


>>> f=Friend()
Hello Friends!


>>> f.get_energy()
'Give me orange juice!'
>>> f.__init__()
Hello Friends!


>>> f
<__main__.Friend object at 0x7faa89b43250>

>>> f.__init__
<bound method Friend.__init__ of <__main__.Friend object at 0x7faa89b43250>>
>>> f.get_energy
<bound method Friend.get_energy of <__main__.Friend object at 0x7faa89b43250>>


2. 


>>> class Friend:
        def __init__(self,x):
            self.energy = x

        def get_energy(self):
            return self.energy


>>> f=Friend()
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
TypeError: __init__() missing 1 required positional argument: 'x'


>>> f=Friend(120)
>>> f1=Friend(250)


>>> f.get_energy()
120


>>> f1.get_energy()
250


>>> Friend.__dict__
mappingproxy({'__module__': '__main__', '__init__': <function Friend.__init__ at
0x7fb1a77caa60>, 'get_energy': <function Friend.get_energy at 0x7fb1a77caee0>, '__dict__':
<attribute '__dict__' of 'Friend' objects>, '__weakref__': <attribute '__weakref__' of 'Friend'
objects>, '__doc__': None})


>>> f.__dict__
{'energy': 120}


>>> f.z=350
>>> f.__dict__
{'energy': 120, 'z': 350}
3. 


>>> class Friend(object):
        y = 0 # The variable y is a class attribute
        def __init__(self, x): # The variable x is an instance attribute
            self.x = x


>>> f=Friend()
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
TypeError: __init__() missing 1 required positional argument: 'x'


>>> f=Friend(120)


>>> f
<__main__.Friend object at 0x7f6cf1070700>


>>> f.__init__
<bound method Friend.__init__ of <__main__.Friend object at 0x7f6cf1070700>>
>>> f.x
120

>>> f.y

0 

MetaClass 

MetaClass is a class whose instances are classes. 


>>> class Person(object): # Same declaration as “class Person():” or “class Person:”
        name= 'Adam'
        def __str__(self):
            return 'Hello '+self.name


>>> class B(Person):
        pass


The class B is an instance of the class (metaclass) Person.


>>> obj=Person()
>>> obj
<__main__.Person object at 0x7fa2fd6e3490>
>>> print(obj)
Hello Adam


>>> obj1=B()


>>> obj1
<__main__.B object at 0x7fa2fd6e3670> 


>>> print(obj1) 
Hello Adam 


“type” will give us the class of an instance: 


>>> print(type(obj).__name__) 
Person 


>>> print(type(obj1).__name__) 
B 


In the following example, both MyClass and MySubclass are instances of Meta: 


>>> class Meta(type):
        pass


>>> class MyClass(metaclass=Meta): # By passing the metaclass keyword argument
        pass


>>> class MySubclass(MyClass):
        pass


Protect the class 


Using __slots__ to store object data reduces memory consumption by pre-declaring
space for instance attributes and eliminating instance dictionaries. This technique is
somewhat tricky to get right.


>>> class Person:
        __slots__=('name','age',) # Defining attributes using the special attribute: __slots__


>>> obj=Person()


>>> obj.name='Adam'
>>> obj.age=25
>>> obj.name
'Adam'


>>> obj.city='Toronto' 
Traceback (most recent call last): 

File "<stdin>", line 1, in <module> 
AttributeError: 'Person' object has no attribute 'city' 


Try to Add an attribute 'city': 


>>> obj.__class__.city='Toronto' 


>>> obj.city 

'Toronto' 

>>> obj.__class__.city 
'Toronto' 


We really managed to add an attribute, which means the class is not protected. The
following code will protect the class and deny adding any attribute:


>>> class PersonMeta(type):
        def __new__(mcs, name, bases, class_dict):
            class_dict['__slots__']=('name','age',)
            return type.__new__(mcs,name,bases,class_dict)
        def __setattr__(cls,key,value):
            if hasattr(cls,key):
                return super().__setattr__(key,value)
            raise AttributeError("{} NOT FOUND".format(key))


>>> class Person(metaclass=PersonMeta):
        pass


In the following is the demonstration of the concept: 


>>> obj=Person() 
>>> obj.name='Adam' 
>>> obj.age=25 
>>> obj.city='Toronto' 
Traceback (most recent call last): 
File "<stdin>", line 1, in <module> 
AttributeError: 'Person' object has no attribute 'city' 


Try to add an attribute 'city':
>>> obj.__class__.city='Toronto'
Traceback (most recent call last): 
File "<stdin>", line 1, in <module> 
File "<stdin>", line 8, in __setattr__ 
AttributeError: city NOT FOUND 


We couldn't add the attribute and our class is now protected. 
https://www.umsl.edu/~joshik/msis480/chapt05.htm 
https://www.altia.com/2014/09/22/different-types-of-ui/ 
https://www.quora.com/What-is-a-list-of-the-eight-types-of-algorithms 
https://www.edrawsoft.com/explain-algorithm-flowchart.html 
https://www.ibm.com/cloud/learn/api 

https://www.britannica.com/technology/UNIX 

https://linuxize.com/post/bash-shebang/ 
https://medium.com/@codingmaths/bin-bash-what-exactly-is-this-95fc8db817bf 
https://hackr.io/blog/procedural-programming 
https://docs.python.org/3/tutorial/stdlib.html#mathematics 
https://tldp.org/LDP/abs/html/why-shell.html 
https://www.gnu.org/savannah-checkouts/gnu/bash/manual/bash.html#What-is-Bash_O03f 
https://towardsdatascience.com/a-primer-on-args-kwargs-decorators-for-data-scientists- 
bb8129e756a7 
https://hicaselectronics.files.wordpress.com/2019/05/algorithmic-problem-solving.pdf 
https://www.geeksforgeeks.org/self-in-python-class/ 
https://www.tutorialspoint.com/What-is-difference-between-self-and-init-methods-in-python- 
Class 

https://stackabuse.com/using-slots-to-store-object-data-in-python/ 
https://docs.python.org/3/glossary.html#term-slots 
https://www.star.le.ac.uk/zrw/compshop/1styearc.pdf 


355 


The assistant materials 


Manual pages “man” of Linux & Help of commands 
https://www.google.com 
https://www.youtube.com 
https://stackoverflow.com/ 
https://en.wikipedia.org/wiki/Main_Page 
https://docs.python.org/3/ 
https://www.guru99.com 
https://www.cloudflare.com 

Other resources. 
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